Merge branch 'master' into staging
This commit is contained in:
commit
60d89e5793
377 changed files with 9647 additions and 7355 deletions
31
.github/workflows/wait-ofborg.yml
vendored
Normal file
31
.github/workflows/wait-ofborg.yml
vendored
Normal file
|
@ -0,0 +1,31 @@
|
|||
name: "Wait for ofborg"
|
||||
on:
|
||||
pull_request:
|
||||
jobs:
|
||||
tests:
|
||||
runs-on: ubuntu-latest
|
||||
steps:
|
||||
- name: Wait for ofborg CI
|
||||
run: |
|
||||
# wait for ~30min...
|
||||
# ..in future a better fix would be to make ofborg mark CI as pending right away.
|
||||
for i in $(seq 360); do
|
||||
res=$(curl --silent \
|
||||
-H "Accept: application/vnd.github.antiope-preview+json" \
|
||||
-H "Authorization: token ${GITHUB_TOKEN}" \
|
||||
"https://api.github.com/repos/NixOS/nixpkgs/commits/${COMMIT}/check-runs" | \
|
||||
jq ".check_runs | map(.app) | map(.id) | contains([${OFBORG_APP_ID}])")
|
||||
if [[ "$res" == "true" ]]; then
|
||||
exit 0
|
||||
fi
|
||||
sleep 5
|
||||
echo "."
|
||||
done
|
||||
echo "Timeout!"
|
||||
exit 1
|
||||
# ofborg is not checking forks.
|
||||
if: github.repository_owner == 'NixOS'
|
||||
env:
|
||||
GITHUB_TOKEN: ${{ github.token }}
|
||||
COMMIT: ${{ github.event.pull_request.head.sha }}
|
||||
OFBORG_APP_ID: 20500
|
17
flake.nix
17
flake.nix
|
@ -12,23 +12,30 @@
|
|||
|
||||
lib = import ./lib;
|
||||
|
||||
systems = [ "x86_64-linux" "i686-linux" "x86_64-darwin" "aarch64-linux" ];
|
||||
systems = [
|
||||
"x86_64-linux"
|
||||
"i686-linux"
|
||||
"x86_64-darwin"
|
||||
"aarch64-linux"
|
||||
"armv6l-linux"
|
||||
"armv7l-linux"
|
||||
];
|
||||
|
||||
forAllSystems = f: lib.genAttrs systems (system: f system);
|
||||
|
||||
in
|
||||
{
|
||||
lib = lib // {
|
||||
lib = lib.extend (final: prev: {
|
||||
nixosSystem = { modules, ... } @ args:
|
||||
import ./nixos/lib/eval-config.nix (args // {
|
||||
modules = modules ++
|
||||
[ { system.nixos.versionSuffix =
|
||||
".${lib.substring 0 8 (self.lastModifiedDate or self.lastModified)}.${self.shortRev or "dirty"}";
|
||||
system.nixos.revision = lib.mkIf (self ? rev) self.rev;
|
||||
".${final.substring 0 8 (self.lastModifiedDate or self.lastModified)}.${self.shortRev or "dirty"}";
|
||||
system.nixos.revision = final.mkIf (self ? rev) self.rev;
|
||||
}
|
||||
];
|
||||
});
|
||||
};
|
||||
});
|
||||
|
||||
checks.x86_64-linux.tarball = jobs.tarball;
|
||||
|
||||
|
|
|
@ -543,6 +543,12 @@
|
|||
githubId = 750786;
|
||||
name = "Justin Wood";
|
||||
};
|
||||
anna328p = {
|
||||
email = "anna328p@gmail.com";
|
||||
github = "anna328p";
|
||||
githubId = 9790772;
|
||||
name = "Anna";
|
||||
};
|
||||
anmonteiro = {
|
||||
email = "anmonteiro@gmail.com";
|
||||
github = "anmonteiro";
|
||||
|
@ -673,6 +679,12 @@
|
|||
githubId = 3965744;
|
||||
name = "Arthur Lee";
|
||||
};
|
||||
arturcygan = {
|
||||
email = "arczicygan@gmail.com";
|
||||
github = "arcz";
|
||||
githubId = 4679721;
|
||||
name = "Artur Cygan";
|
||||
};
|
||||
artuuge = {
|
||||
email = "artuuge@gmail.com";
|
||||
github = "artuuge";
|
||||
|
@ -1109,6 +1121,12 @@
|
|||
githubId = 3465841;
|
||||
name = "Boris Sukholitko";
|
||||
};
|
||||
bouk = {
|
||||
name = "Bouke van der Bijl";
|
||||
email = "i@bou.ke";
|
||||
github = "bouk";
|
||||
githubId = 97820;
|
||||
};
|
||||
bradediger = {
|
||||
email = "brad@bradediger.com";
|
||||
github = "bradediger";
|
||||
|
@ -1406,6 +1424,16 @@
|
|||
githubId = 30435868;
|
||||
name = "Okina Matara";
|
||||
};
|
||||
Chili-Man = {
|
||||
email = "dr.elhombrechile@gmail.com";
|
||||
name = "Diego Rodriguez";
|
||||
github = "Chili-Man";
|
||||
githubId = 631802;
|
||||
keys = [{
|
||||
longkeyid = "rsa4096/0xE0EBAD78F0190BD9";
|
||||
fingerprint = "099E 3F97 FA08 3D47 8C75 EBEC E0EB AD78 F019 0BD9";
|
||||
}];
|
||||
};
|
||||
chkno = {
|
||||
email = "chuck@intelligence.org";
|
||||
github = "chkno";
|
||||
|
@ -2052,12 +2080,6 @@
|
|||
githubId = 1316469;
|
||||
name = "Naomi Morse";
|
||||
};
|
||||
dkudriavtsev = {
|
||||
email = "dkudriavtsev@gmail.com";
|
||||
github = "dkudriavtsev";
|
||||
githubId = 9790772;
|
||||
name = "Dmitry Kudriavtsev";
|
||||
};
|
||||
dmalikov = {
|
||||
email = "malikov.d.y@gmail.com";
|
||||
github = "dmalikov";
|
||||
|
@ -6160,6 +6182,12 @@
|
|||
githubId = 20792;
|
||||
name = "Sebastian Galkin";
|
||||
};
|
||||
parasrah = {
|
||||
email = "nixos@parasrah.com";
|
||||
github = "parasrah";
|
||||
githubId = 14935550;
|
||||
name = "Brad Pfannmuller";
|
||||
};
|
||||
pashashocky = {
|
||||
email = "pashashocky@gmail.com";
|
||||
github = "pashashocky";
|
||||
|
@ -6334,6 +6362,12 @@
|
|||
githubId = 119460;
|
||||
name = "Perry Barnoy";
|
||||
};
|
||||
pjjw = {
|
||||
email = "peter@shortbus.org";
|
||||
github = "pjjw";
|
||||
githubId = 638;
|
||||
name = "Peter Woodman";
|
||||
};
|
||||
pjones = {
|
||||
email = "pjones@devalot.com";
|
||||
github = "pjones";
|
||||
|
@ -6828,6 +6862,12 @@
|
|||
githubId = 2507744;
|
||||
name = "Roland Koebler";
|
||||
};
|
||||
rizary = {
|
||||
email = "andika@numtide.com";
|
||||
github = "Rizary";
|
||||
githubId = 7221768;
|
||||
name = "Andika Demas Riyandi";
|
||||
};
|
||||
rkrzr = {
|
||||
email = "ops+nixpkgs@channable.com";
|
||||
github = "rkrzr";
|
||||
|
|
|
@ -525,12 +525,37 @@ systemd.services.nginx.serviceConfig.ReadWritePaths = [ "/var/www" ];
|
|||
automatically if <literal>stateVersion</literal> is 20.09 or higher.
|
||||
</para>
|
||||
</listitem>
|
||||
<listitem>
|
||||
<para>
|
||||
<literal>udpt</literal> experienced a complete rewrite from C++ to rust. The configuration format changed from ini to toml.
|
||||
The new configuration documentation can be found at
|
||||
<link xlink:href="https://naim94a.github.io/udpt/config.html">the official website</link> and example
|
||||
configuration is packaged in <literal>${udpt}/share/udpt/udpt.toml</literal>.
|
||||
</para>
|
||||
</listitem>
|
||||
<listitem>
|
||||
<para>
|
||||
We now have a unified <xref linkend="opt-services.xserver.displayManager.autoLogin"/> option interface
|
||||
to be used for every display-manager in NixOS.
|
||||
</para>
|
||||
</listitem>
|
||||
<listitem>
|
||||
<para>
|
||||
The <literal>bitcoind</literal> module has changed to multi-instance, using submodules.
|
||||
Therefore, it is now mandatory to name each instance, e.g.:
|
||||
<programlisting>
|
||||
services.bitcoind = {
|
||||
enable = true;
|
||||
};
|
||||
</programlisting>
|
||||
requires a name now:
|
||||
<programlisting>
|
||||
services.bitcoind."example-mainnet" = {
|
||||
enable = true;
|
||||
};
|
||||
</programlisting>
|
||||
</para>
|
||||
</listitem>
|
||||
</itemizedlist>
|
||||
</section>
|
||||
|
||||
|
|
|
@ -5,21 +5,32 @@
|
|||
config
|
||||
|
||||
, # The size of the disk, in megabytes.
|
||||
diskSize
|
||||
# if "auto" size is calculated based on the contents copied to it and
|
||||
# additionalSpace is taken into account.
|
||||
diskSize ? "auto"
|
||||
|
||||
# The files and directories to be placed in the target file system.
|
||||
, # additional disk space to be added to the image if diskSize "auto"
|
||||
# is used
|
||||
additionalSpace ? "512M"
|
||||
|
||||
, # size of the boot partition, is only used if partitionTableType is
|
||||
# either "efi" or "hybrid"
|
||||
bootSize ? "256M"
|
||||
|
||||
, # The files and directories to be placed in the target file system.
|
||||
# This is a list of attribute sets {source, target} where `source'
|
||||
# is the file system object (regular file or directory) to be
|
||||
# grafted in the file system at path `target'.
|
||||
, contents ? []
|
||||
contents ? []
|
||||
|
||||
, # Type of partition table to use; either "legacy", "efi", or "none".
|
||||
# For "efi" images, the GPT partition table is used and a mandatory ESP
|
||||
# partition of reasonable size is created in addition to the root partition.
|
||||
# If `installBootLoader` is true, GRUB will be installed in EFI mode.
|
||||
# For "legacy", the msdos partition table is used and a single large root
|
||||
# partition is created. If `installBootLoader` is true, GRUB will be
|
||||
# installed in legacy mode.
|
||||
# partition is created.
|
||||
# For "hybrid", the GPT partition table is used and a mandatory ESP
|
||||
# partition of reasonable size is created in addition to the root partition.
|
||||
# Also a legacy MBR will be present.
|
||||
# For "none", no partition table is created. Enabling `installBootLoader`
|
||||
# most likely fails as GRUB will probably refuse to install.
|
||||
partitionTableType ? "legacy"
|
||||
|
@ -43,7 +54,7 @@
|
|||
format ? "raw"
|
||||
}:
|
||||
|
||||
assert partitionTableType == "legacy" || partitionTableType == "efi" || partitionTableType == "none";
|
||||
assert partitionTableType == "legacy" || partitionTableType == "efi" || partitionTableType == "hybrid" || partitionTableType == "none";
|
||||
# We use -E offset=X below, which is only supported by e2fsprogs
|
||||
assert partitionTableType != "none" -> fsType == "ext4";
|
||||
|
||||
|
@ -65,6 +76,7 @@ let format' = format; in let
|
|||
rootPartition = { # switch-case
|
||||
legacy = "1";
|
||||
efi = "2";
|
||||
hybrid = "3";
|
||||
}.${partitionTableType};
|
||||
|
||||
partitionDiskScript = { # switch-case
|
||||
|
@ -76,9 +88,18 @@ let format' = format; in let
|
|||
efi = ''
|
||||
parted --script $diskImage -- \
|
||||
mklabel gpt \
|
||||
mkpart ESP fat32 8MiB 256MiB \
|
||||
mkpart ESP fat32 8MiB ${bootSize} \
|
||||
set 1 boot on \
|
||||
mkpart primary ext4 256MiB -1
|
||||
mkpart primary ext4 ${bootSize} -1
|
||||
'';
|
||||
hybrid = ''
|
||||
parted --script $diskImage -- \
|
||||
mklabel gpt \
|
||||
mkpart ESP fat32 8MiB ${bootSize} \
|
||||
set 1 boot on \
|
||||
mkpart no-fs 0 1024KiB \
|
||||
set 2 bios_grub on \
|
||||
mkpart primary ext4 ${bootSize} -1
|
||||
'';
|
||||
none = "";
|
||||
}.${partitionTableType};
|
||||
|
@ -129,19 +150,6 @@ let format' = format; in let
|
|||
}
|
||||
|
||||
mkdir $out
|
||||
diskImage=nixos.raw
|
||||
truncate -s ${toString diskSize}M $diskImage
|
||||
|
||||
${partitionDiskScript}
|
||||
|
||||
${if partitionTableType != "none" then ''
|
||||
# Get start & length of the root partition in sectors to $START and $SECTORS.
|
||||
eval $(partx $diskImage -o START,SECTORS --nr ${rootPartition} --pairs)
|
||||
|
||||
mkfs.${fsType} -F -L ${label} $diskImage -E offset=$(sectorsToBytes $START) $(sectorsToKilobytes $SECTORS)K
|
||||
'' else ''
|
||||
mkfs.${fsType} -F -L ${label} $diskImage
|
||||
''}
|
||||
|
||||
root="$PWD/root"
|
||||
mkdir -p $root
|
||||
|
@ -186,6 +194,31 @@ let format' = format; in let
|
|||
nixos-install --root $root --no-bootloader --no-root-passwd \
|
||||
--system ${config.system.build.toplevel} --channel ${channelSources} --substituters ""
|
||||
|
||||
diskImage=nixos.raw
|
||||
|
||||
${if diskSize == "auto" then ''
|
||||
${if partitionTableType == "efi" || partitionTableType == "hybrid" then ''
|
||||
additionalSpace=$(( ($(numfmt --from=iec '${additionalSpace}') + $(numfmt --from=iec '${bootSize}')) / 1000 ))
|
||||
'' else ''
|
||||
additionalSpace=$(( $(numfmt --from=iec '${additionalSpace}') / 1000 ))
|
||||
''}
|
||||
diskSize=$(( $(set -- $(du -d0 $root); echo "$1") + $additionalSpace ))
|
||||
truncate -s "$diskSize"K $diskImage
|
||||
'' else ''
|
||||
truncate -s ${toString diskSize}M $diskImage
|
||||
''}
|
||||
|
||||
${partitionDiskScript}
|
||||
|
||||
${if partitionTableType != "none" then ''
|
||||
# Get start & length of the root partition in sectors to $START and $SECTORS.
|
||||
eval $(partx $diskImage -o START,SECTORS --nr ${rootPartition} --pairs)
|
||||
|
||||
mkfs.${fsType} -F -L ${label} $diskImage -E offset=$(sectorsToBytes $START) $(sectorsToKilobytes $SECTORS)K
|
||||
'' else ''
|
||||
mkfs.${fsType} -F -L ${label} $diskImage
|
||||
''}
|
||||
|
||||
echo "copying staging root to image..."
|
||||
cptofs -p ${optionalString (partitionTableType != "none") "-P ${rootPartition}"} -t ${fsType} -i $diskImage $root/* /
|
||||
'';
|
||||
|
@ -219,7 +252,7 @@ in pkgs.vmTools.runInLinuxVM (
|
|||
|
||||
# Create the ESP and mount it. Unlike e2fsprogs, mkfs.vfat doesn't support an
|
||||
# '-E offset=X' option, so we can't do this outside the VM.
|
||||
${optionalString (partitionTableType == "efi") ''
|
||||
${optionalString (partitionTableType == "efi" || partitionTableType == "hybrid") ''
|
||||
mkdir -p /mnt/boot
|
||||
mkfs.vfat -n ESP /dev/vda1
|
||||
mount /dev/vda1 /mnt/boot
|
||||
|
|
|
@ -26,7 +26,7 @@ in
|
|||
Whether to enable <command>uvcvideo</command> dynamic controls.
|
||||
|
||||
Note that enabling this brings the <command>uvcdynctrl</command> tool
|
||||
into your environement and register all dynamic controls from
|
||||
into your environment and register all dynamic controls from
|
||||
specified <command>packages</command> to the <command>uvcvideo</command> driver.
|
||||
'';
|
||||
};
|
||||
|
|
|
@ -814,6 +814,7 @@
|
|||
./services/security/torsocks.nix
|
||||
./services/security/usbguard.nix
|
||||
./services/security/vault.nix
|
||||
./services/security/yubikey-agent.nix
|
||||
./services/system/cloud-init.nix
|
||||
./services/system/dbus.nix
|
||||
./services/system/earlyoom.nix
|
||||
|
@ -885,6 +886,7 @@
|
|||
./services/web-servers/meguca.nix
|
||||
./services/web-servers/mighttpd2.nix
|
||||
./services/web-servers/minio.nix
|
||||
./services/web-servers/molly-brown.nix
|
||||
./services/web-servers/nginx/default.nix
|
||||
./services/web-servers/nginx/gitweb.nix
|
||||
./services/web-servers/phpfpm/default.nix
|
||||
|
|
|
@ -70,6 +70,7 @@ in
|
|||
agent.pinentryFlavor = mkOption {
|
||||
type = types.nullOr (types.enum pkgs.pinentry.flavors);
|
||||
example = "gnome3";
|
||||
default = defaultPinentryFlavor;
|
||||
description = ''
|
||||
Which pinentry interface to use. If not null, the path to the
|
||||
pinentry binary will be passed to gpg-agent via commandline and
|
||||
|
@ -91,8 +92,6 @@ in
|
|||
};
|
||||
|
||||
config = mkIf cfg.agent.enable {
|
||||
programs.gnupg.agent.pinentryFlavor = mkDefault defaultPinentryFlavor;
|
||||
|
||||
# This overrides the systemd user unit shipped with the gnupg package
|
||||
systemd.user.services.gpg-agent = mkIf (cfg.agent.pinentryFlavor != null) {
|
||||
serviceConfig.ExecStart = [ "" ''
|
||||
|
|
|
@ -36,6 +36,17 @@ let
|
|||
'';
|
||||
};
|
||||
|
||||
p11Auth = mkOption {
|
||||
default = config.security.pam.p11.enable;
|
||||
type = types.bool;
|
||||
description = ''
|
||||
If set, keys listed in
|
||||
<filename>~/.ssh/authorized_keys</filename> and
|
||||
<filename>~/.eid/authorized_certificates</filename>
|
||||
can be used to log in with the associated PKCS#11 tokens.
|
||||
'';
|
||||
};
|
||||
|
||||
u2fAuth = mkOption {
|
||||
default = config.security.pam.u2f.enable;
|
||||
type = types.bool;
|
||||
|
@ -352,6 +363,8 @@ let
|
|||
"auth sufficient ${pkgs.pam_ssh_agent_auth}/libexec/pam_ssh_agent_auth.so file=~/.ssh/authorized_keys:~/.ssh/authorized_keys2:/etc/ssh/authorized_keys.d/%u"}
|
||||
${optionalString cfg.fprintAuth
|
||||
"auth sufficient ${pkgs.fprintd}/lib/security/pam_fprintd.so"}
|
||||
${let p11 = config.security.pam.p11; in optionalString cfg.p11Auth
|
||||
"auth ${p11.control} ${pkgs.pam_p11}/lib/security/pam_p11.so ${pkgs.opensc}/lib/opensc-pkcs11.so"}
|
||||
${let u2f = config.security.pam.u2f; in optionalString cfg.u2fAuth
|
||||
"auth ${u2f.control} ${pkgs.pam_u2f}/lib/security/pam_u2f.so ${optionalString u2f.debug "debug"} ${optionalString (u2f.authFile != null) "authfile=${u2f.authFile}"} ${optionalString u2f.interactive "interactive"} ${optionalString u2f.cue "cue"}"}
|
||||
${optionalString cfg.usbAuth
|
||||
|
@ -566,6 +579,39 @@ in
|
|||
|
||||
security.pam.enableOTPW = mkEnableOption "the OTPW (one-time password) PAM module";
|
||||
|
||||
security.pam.p11 = {
|
||||
enable = mkOption {
|
||||
default = false;
|
||||
type = types.bool;
|
||||
description = ''
|
||||
Enables P11 PAM (<literal>pam_p11</literal>) module.
|
||||
|
||||
If set, users can log in with SSH keys and PKCS#11 tokens.
|
||||
|
||||
More information can be found <link
|
||||
xlink:href="https://github.com/OpenSC/pam_p11">here</link>.
|
||||
'';
|
||||
};
|
||||
|
||||
control = mkOption {
|
||||
default = "sufficient";
|
||||
type = types.enum [ "required" "requisite" "sufficient" "optional" ];
|
||||
description = ''
|
||||
This option sets pam "control".
|
||||
If you want to have multi factor authentication, use "required".
|
||||
If you want to use the PKCS#11 device instead of the regular password,
|
||||
use "sufficient".
|
||||
|
||||
Read
|
||||
<citerefentry>
|
||||
<refentrytitle>pam.conf</refentrytitle>
|
||||
<manvolnum>5</manvolnum>
|
||||
</citerefentry>
|
||||
for better understanding of this option.
|
||||
'';
|
||||
};
|
||||
};
|
||||
|
||||
security.pam.u2f = {
|
||||
enable = mkOption {
|
||||
default = false;
|
||||
|
@ -747,6 +793,7 @@ in
|
|||
++ optionals config.krb5.enable [pam_krb5 pam_ccreds]
|
||||
++ optionals config.security.pam.enableOTPW [ pkgs.otpw ]
|
||||
++ optionals config.security.pam.oath.enable [ pkgs.oathToolkit ]
|
||||
++ optionals config.security.pam.p11.enable [ pkgs.pam_p11 ]
|
||||
++ optionals config.security.pam.u2f.enable [ pkgs.pam_u2f ];
|
||||
|
||||
boot.supportedFilesystems = optionals config.security.pam.enableEcryptfs [ "ecryptfs" ];
|
||||
|
|
|
@ -45,14 +45,14 @@ in {
|
|||
environment.ROON_DATAROOT = "/var/lib/${name}";
|
||||
|
||||
serviceConfig = {
|
||||
ExecStart = "${pkgs.roon-server}/opt/start.sh";
|
||||
ExecStart = "${pkgs.roon-server}/start.sh";
|
||||
LimitNOFILE = 8192;
|
||||
User = cfg.user;
|
||||
Group = cfg.group;
|
||||
StateDirectory = name;
|
||||
};
|
||||
};
|
||||
|
||||
|
||||
networking.firewall = mkIf cfg.openFirewall {
|
||||
allowedTCPPortRanges = [
|
||||
{ from = 9100; to = 9200; }
|
||||
|
@ -60,7 +60,7 @@ in {
|
|||
allowedUDPPorts = [ 9003 ];
|
||||
};
|
||||
|
||||
|
||||
|
||||
users.groups.${cfg.group} = {};
|
||||
users.users.${cfg.user} =
|
||||
if cfg.user == "roon-server" then {
|
||||
|
|
|
@ -42,6 +42,7 @@ in {
|
|||
# It has been possible since https://github.com/flatpak/flatpak/releases/tag/1.3.2
|
||||
# to build a SELinux policy module.
|
||||
|
||||
# TODO: use sysusers.d
|
||||
users.users.flatpak = {
|
||||
description = "Flatpak system helper";
|
||||
group = "flatpak";
|
||||
|
|
|
@ -28,7 +28,10 @@ with lib;
|
|||
malcontent-ui
|
||||
];
|
||||
|
||||
services.dbus.packages = [ pkgs.malcontent ];
|
||||
services.dbus.packages = [
|
||||
# D-Bus services are in `out`, not the default `bin` output that would be picked up by `makeDbusConf`.
|
||||
pkgs.malcontent.out
|
||||
];
|
||||
|
||||
services.accounts-daemon.enable = true;
|
||||
|
||||
|
|
|
@ -125,7 +125,7 @@ in {
|
|||
if [ ! -f '${registrationFile}' ]; then
|
||||
${pkgs.mautrix-telegram}/bin/mautrix-telegram \
|
||||
--generate-registration \
|
||||
--base-config='${pkgs.mautrix-telegram}/example-config.yaml' \
|
||||
--base-config='${pkgs.mautrix-telegram}/${pkgs.mautrix-telegram.pythonModule.sitePackages}/mautrix_telegram/example-config.yaml' \
|
||||
--config='${settingsFile}' \
|
||||
--registration='${registrationFile}'
|
||||
fi
|
||||
|
|
|
@ -4,6 +4,7 @@ with lib;
|
|||
|
||||
let
|
||||
cfg = config.services.do-agent;
|
||||
|
||||
in
|
||||
{
|
||||
options.services.do-agent = {
|
||||
|
@ -11,23 +12,13 @@ in
|
|||
};
|
||||
|
||||
config = mkIf cfg.enable {
|
||||
environment.systemPackages = [ pkgs.do-agent ];
|
||||
systemd.packages = [ pkgs.do-agent ];
|
||||
|
||||
systemd.services.do-agent = {
|
||||
description = "DigitalOcean Droplet Metrics Agent";
|
||||
wantedBy = [ "multi-user.target" ];
|
||||
after = [ "network-online.target" ];
|
||||
wants = [ "network-online.target" ];
|
||||
serviceConfig = {
|
||||
ExecStart = "${pkgs.do-agent}/bin/do-agent --syslog";
|
||||
Restart = "always";
|
||||
OOMScoreAdjust = -900;
|
||||
SyslogIdentifier = "DigitalOceanAgent";
|
||||
PrivateTmp = "yes";
|
||||
ProtectSystem = "full";
|
||||
ProtectHome = "yes";
|
||||
NoNewPrivileges = "yes";
|
||||
DynamicUser = "yes";
|
||||
ExecStart = [ "" "${pkgs.do-agent}/bin/do-agent --syslog" ];
|
||||
DynamicUser = true;
|
||||
};
|
||||
};
|
||||
};
|
||||
|
|
|
@ -3,31 +3,8 @@
|
|||
with lib;
|
||||
|
||||
let
|
||||
cfg = config.services.bitcoind;
|
||||
pidFile = "${cfg.dataDir}/bitcoind.pid";
|
||||
configFile = pkgs.writeText "bitcoin.conf" ''
|
||||
${optionalString cfg.testnet "testnet=1"}
|
||||
${optionalString (cfg.dbCache != null) "dbcache=${toString cfg.dbCache}"}
|
||||
${optionalString (cfg.prune != null) "prune=${toString cfg.prune}"}
|
||||
|
||||
# Connection options
|
||||
${optionalString (cfg.port != null) "port=${toString cfg.port}"}
|
||||
|
||||
# RPC server options
|
||||
${optionalString (cfg.rpc.port != null) "rpcport=${toString cfg.rpc.port}"}
|
||||
${concatMapStringsSep "\n"
|
||||
(rpcUser: "rpcauth=${rpcUser.name}:${rpcUser.passwordHMAC}")
|
||||
(attrValues cfg.rpc.users)
|
||||
}
|
||||
|
||||
# Extra config options (from bitcoind nixos service)
|
||||
${cfg.extraConfig}
|
||||
'';
|
||||
cmdlineOptions = escapeShellArgs [
|
||||
"-conf=${cfg.configFile}"
|
||||
"-datadir=${cfg.dataDir}"
|
||||
"-pid=${pidFile}"
|
||||
];
|
||||
eachBitcoind = config.services.bitcoind;
|
||||
|
||||
rpcUserOpts = { name, ... }: {
|
||||
options = {
|
||||
|
@ -39,11 +16,14 @@ let
|
|||
'';
|
||||
};
|
||||
passwordHMAC = mkOption {
|
||||
type = with types; uniq (strMatching "[0-9a-f]+\\$[0-9a-f]{64}");
|
||||
type = types.uniq (types.strMatching "[0-9a-f]+\\$[0-9a-f]{64}");
|
||||
example = "f7efda5c189b999524f151318c0c86$d5b51b3beffbc02b724e5d095828e0bc8b2456e9ac8757ae3211a5d9b16a22ae";
|
||||
description = ''
|
||||
Password HMAC-SHA-256 for JSON-RPC connections. Must be a string of the
|
||||
format <SALT-HEX>$<HMAC-HEX>.
|
||||
|
||||
Tool (Python script) for HMAC generation is available here:
|
||||
<link xlink:href="https://github.com/bitcoin/bitcoin/blob/master/share/rpcauth/rpcauth.py"/>
|
||||
'';
|
||||
};
|
||||
};
|
||||
|
@ -51,10 +31,10 @@ let
|
|||
name = mkDefault name;
|
||||
};
|
||||
};
|
||||
in {
|
||||
options = {
|
||||
|
||||
services.bitcoind = {
|
||||
bitcoindOpts = { config, lib, name, ...}: {
|
||||
options = {
|
||||
|
||||
enable = mkEnableOption "Bitcoin daemon";
|
||||
|
||||
package = mkOption {
|
||||
|
@ -63,12 +43,14 @@ in {
|
|||
defaultText = "pkgs.bitcoind";
|
||||
description = "The package providing bitcoin binaries.";
|
||||
};
|
||||
|
||||
configFile = mkOption {
|
||||
type = types.path;
|
||||
default = configFile;
|
||||
example = "/etc/bitcoind.conf";
|
||||
type = types.nullOr types.path;
|
||||
default = null;
|
||||
example = "/var/lib/${name}/bitcoin.conf";
|
||||
description = "The configuration file path to supply bitcoind.";
|
||||
};
|
||||
|
||||
extraConfig = mkOption {
|
||||
type = types.lines;
|
||||
default = "";
|
||||
|
@ -79,20 +61,22 @@ in {
|
|||
'';
|
||||
description = "Additional configurations to be appended to <filename>bitcoin.conf</filename>.";
|
||||
};
|
||||
|
||||
dataDir = mkOption {
|
||||
type = types.path;
|
||||
default = "/var/lib/bitcoind";
|
||||
default = "/var/lib/bitcoind-${name}";
|
||||
description = "The data directory for bitcoind.";
|
||||
};
|
||||
|
||||
user = mkOption {
|
||||
type = types.str;
|
||||
default = "bitcoin";
|
||||
default = "bitcoind-${name}";
|
||||
description = "The user as which to run bitcoind.";
|
||||
};
|
||||
|
||||
group = mkOption {
|
||||
type = types.str;
|
||||
default = cfg.user;
|
||||
default = config.user;
|
||||
description = "The group as which to run bitcoind.";
|
||||
};
|
||||
|
||||
|
@ -110,29 +94,36 @@ in {
|
|||
bob.passwordHMAC = "b2dd077cb54591a2f3139e69a897ac$4e71f08d48b4347cf8eff3815c0e25ae2e9a4340474079f55705f40574f4ec99";
|
||||
}
|
||||
'';
|
||||
type = with types; loaOf (submodule rpcUserOpts);
|
||||
description = ''
|
||||
RPC user information for JSON-RPC connnections.
|
||||
'';
|
||||
type = types.attrsOf (types.submodule rpcUserOpts);
|
||||
description = "RPC user information for JSON-RPC connnections.";
|
||||
};
|
||||
};
|
||||
|
||||
pidFile = mkOption {
|
||||
type = types.path;
|
||||
default = "${config.dataDir}/bitcoind.pid";
|
||||
description = "Location of bitcoind pid file.";
|
||||
};
|
||||
|
||||
testnet = mkOption {
|
||||
type = types.bool;
|
||||
default = false;
|
||||
description = "Whether to use the test chain.";
|
||||
description = "Whether to use the testnet instead of mainnet.";
|
||||
};
|
||||
|
||||
port = mkOption {
|
||||
type = types.nullOr types.port;
|
||||
default = null;
|
||||
description = "Override the default port on which to listen for connections.";
|
||||
};
|
||||
|
||||
dbCache = mkOption {
|
||||
type = types.nullOr (types.ints.between 4 16384);
|
||||
default = null;
|
||||
example = 4000;
|
||||
description = "Override the default database cache size in megabytes.";
|
||||
description = "Override the default database cache size in MiB.";
|
||||
};
|
||||
|
||||
prune = mkOption {
|
||||
type = types.nullOr (types.coercedTo
|
||||
(types.enum [ "disable" "manual" ])
|
||||
|
@ -149,45 +140,122 @@ in {
|
|||
and -rescan. Warning: Reverting this setting requires re-downloading
|
||||
the entire blockchain. ("disable" = disable pruning blocks, "manual"
|
||||
= allow manual pruning via RPC, >=550 = automatically prune block files
|
||||
to stay under the specified target size in MiB)
|
||||
to stay under the specified target size in MiB).
|
||||
'';
|
||||
};
|
||||
|
||||
extraCmdlineOptions = mkOption {
|
||||
type = types.listOf types.str;
|
||||
default = [];
|
||||
description = ''
|
||||
Extra command line options to pass to bitcoind.
|
||||
Run bitcoind --help to list all available options.
|
||||
'';
|
||||
};
|
||||
};
|
||||
};
|
||||
in
|
||||
{
|
||||
|
||||
config = mkIf cfg.enable {
|
||||
environment.systemPackages = [ cfg.package ];
|
||||
systemd.tmpfiles.rules = [
|
||||
"d '${cfg.dataDir}' 0770 '${cfg.user}' '${cfg.group}' - -"
|
||||
"L '${cfg.dataDir}/bitcoin.conf' - - - - '${cfg.configFile}'"
|
||||
];
|
||||
systemd.services.bitcoind = {
|
||||
description = "Bitcoin daemon";
|
||||
after = [ "network.target" ];
|
||||
wantedBy = [ "multi-user.target" ];
|
||||
serviceConfig = {
|
||||
User = cfg.user;
|
||||
Group = cfg.group;
|
||||
ExecStart = "${cfg.package}/bin/bitcoind ${cmdlineOptions}";
|
||||
Restart = "on-failure";
|
||||
|
||||
# Hardening measures
|
||||
PrivateTmp = "true";
|
||||
ProtectSystem = "full";
|
||||
NoNewPrivileges = "true";
|
||||
PrivateDevices = "true";
|
||||
MemoryDenyWriteExecute = "true";
|
||||
};
|
||||
options = {
|
||||
services.bitcoind = mkOption {
|
||||
type = types.attrsOf (types.submodule bitcoindOpts);
|
||||
default = {};
|
||||
description = "Specification of one or more bitcoind instances.";
|
||||
};
|
||||
users.users.${cfg.user} = {
|
||||
};
|
||||
|
||||
config = mkIf (eachBitcoind != {}) {
|
||||
|
||||
assertions = flatten (mapAttrsToList (bitcoindName: cfg: [
|
||||
{
|
||||
assertion = (cfg.prune != null) -> (builtins.elem cfg.prune [ "disable" "manual" 0 1 ] || (builtins.isInt cfg.prune && cfg.prune >= 550));
|
||||
message = ''
|
||||
If set, services.bitcoind.${bitcoindName}.prune has to be "disable", "manual", 0 , 1 or >= 550.
|
||||
'';
|
||||
}
|
||||
{
|
||||
assertion = (cfg.rpc.users != {}) -> (cfg.configFile == null);
|
||||
message = ''
|
||||
You cannot set both services.bitcoind.${bitcoindName}.rpc.users and services.bitcoind.${bitcoindName}.configFile
|
||||
as they are exclusive. RPC user setting would have no effect if custom configFile would be used.
|
||||
'';
|
||||
}
|
||||
]) eachBitcoind);
|
||||
|
||||
environment.systemPackages = flatten (mapAttrsToList (bitcoindName: cfg: [
|
||||
cfg.package
|
||||
]) eachBitcoind);
|
||||
|
||||
systemd.services = mapAttrs' (bitcoindName: cfg: (
|
||||
nameValuePair "bitcoind-${bitcoindName}" (
|
||||
let
|
||||
configFile = pkgs.writeText "bitcoin.conf" ''
|
||||
# If Testnet is enabled, we need to add [test] section
|
||||
# otherwise, some options (e.g.: custom RPC port) will not work
|
||||
${optionalString cfg.testnet "[test]"}
|
||||
# RPC users
|
||||
${concatMapStringsSep "\n"
|
||||
(rpcUser: "rpcauth=${rpcUser.name}:${rpcUser.passwordHMAC}")
|
||||
(attrValues cfg.rpc.users)
|
||||
}
|
||||
# Extra config options (from bitcoind nixos service)
|
||||
${cfg.extraConfig}
|
||||
'';
|
||||
in {
|
||||
description = "Bitcoin daemon";
|
||||
after = [ "network.target" ];
|
||||
wantedBy = [ "multi-user.target" ];
|
||||
serviceConfig = {
|
||||
User = cfg.user;
|
||||
Group = cfg.group;
|
||||
ExecStart = ''
|
||||
${cfg.package}/bin/bitcoind \
|
||||
${if (cfg.configFile != null) then
|
||||
"-conf=${cfg.configFile}"
|
||||
else
|
||||
"-conf=${configFile}"
|
||||
} \
|
||||
-datadir=${cfg.dataDir} \
|
||||
-pid=${cfg.pidFile} \
|
||||
${optionalString cfg.testnet "-testnet"}\
|
||||
${optionalString (cfg.port != null) "-port=${toString cfg.port}"}\
|
||||
${optionalString (cfg.prune != null) "-prune=${toString cfg.prune}"}\
|
||||
${optionalString (cfg.dbCache != null) "-dbcache=${toString cfg.dbCache}"}\
|
||||
${optionalString (cfg.rpc.port != null) "-rpcport=${toString cfg.rpc.port}"}\
|
||||
${toString cfg.extraCmdlineOptions}
|
||||
'';
|
||||
Restart = "on-failure";
|
||||
|
||||
# Hardening measures
|
||||
PrivateTmp = "true";
|
||||
ProtectSystem = "full";
|
||||
NoNewPrivileges = "true";
|
||||
PrivateDevices = "true";
|
||||
MemoryDenyWriteExecute = "true";
|
||||
};
|
||||
}
|
||||
))) eachBitcoind;
|
||||
|
||||
systemd.tmpfiles.rules = flatten (mapAttrsToList (bitcoindName: cfg: [
|
||||
"d '${cfg.dataDir}' 0770 '${cfg.user}' '${cfg.group}' - -"
|
||||
]) eachBitcoind);
|
||||
|
||||
users.users = mapAttrs' (bitcoindName: cfg: (
|
||||
nameValuePair "bitcoind-${bitcoindName}" {
|
||||
name = cfg.user;
|
||||
group = cfg.group;
|
||||
description = "Bitcoin daemon user";
|
||||
home = cfg.dataDir;
|
||||
isSystemUser = true;
|
||||
};
|
||||
users.groups.${cfg.group} = {
|
||||
name = cfg.group;
|
||||
};
|
||||
})) eachBitcoind;
|
||||
|
||||
users.groups = mapAttrs' (bitcoindName: cfg: (
|
||||
nameValuePair "${cfg.group}" { }
|
||||
)) eachBitcoind;
|
||||
|
||||
};
|
||||
|
||||
meta.maintainers = with maintainers; [ maintainers."1000101" ];
|
||||
|
||||
}
|
||||
|
|
|
@ -11,7 +11,7 @@ let
|
|||
''
|
||||
default-lease-time 600;
|
||||
max-lease-time 7200;
|
||||
authoritative;
|
||||
${optionalString (!cfg.authoritative) "not "}authoritative;
|
||||
ddns-update-style interim;
|
||||
log-facility local1; # see dhcpd.nix
|
||||
|
||||
|
@ -176,6 +176,16 @@ let
|
|||
'';
|
||||
};
|
||||
|
||||
authoritative = mkOption {
|
||||
type = types.bool;
|
||||
default = true;
|
||||
description = ''
|
||||
Whether the DHCP server shall send DHCPNAK messages to misconfigured
|
||||
clients. If this is not done, clients may be unable to get a correct
|
||||
IP address after changing subnets until their old lease has expired.
|
||||
'';
|
||||
};
|
||||
|
||||
};
|
||||
|
||||
in
|
||||
|
|
|
@ -64,7 +64,7 @@ in {
|
|||
extraConfig = mkOption {
|
||||
default = {};
|
||||
type = types.attrsOf types.str;
|
||||
description = "Skydns attribute set of extra config options passed as environemnt variables.";
|
||||
description = "Skydns attribute set of extra config options passed as environment variables.";
|
||||
};
|
||||
};
|
||||
|
||||
|
|
|
@ -4,7 +4,7 @@ with lib;
|
|||
|
||||
let
|
||||
cfg = config.networking.wireless;
|
||||
configFile = if cfg.networks != {} then pkgs.writeText "wpa_supplicant.conf" ''
|
||||
configFile = if cfg.networks != {} || cfg.extraConfig != "" || cfg.userControlled.enable then pkgs.writeText "wpa_supplicant.conf" ''
|
||||
${optionalString cfg.userControlled.enable ''
|
||||
ctrl_interface=DIR=/run/wpa_supplicant GROUP=${cfg.userControlled.group}
|
||||
update_config=1''}
|
||||
|
|
|
@ -195,5 +195,8 @@ in {
|
|||
# Make yggdrasilctl available on the command line.
|
||||
environment.systemPackages = [ cfg.package ];
|
||||
});
|
||||
meta.maintainers = with lib.maintainers; [ gazally ehmry ];
|
||||
meta = {
|
||||
doc = ./yggdrasil.xml;
|
||||
maintainers = with lib.maintainers; [ gazally ehmry ];
|
||||
};
|
||||
}
|
||||
|
|
157
nixos/modules/services/networking/yggdrasil.xml
Normal file
157
nixos/modules/services/networking/yggdrasil.xml
Normal file
|
@ -0,0 +1,157 @@
|
|||
<?xml version="1.0"?>
|
||||
<chapter xmlns="http://docbook.org/ns/docbook" xmlns:xlink="http://www.w3.org/1999/xlink" xmlns:xi="http://www.w3.org/2001/XInclude" version="5.0" xml:id="module-services-networking-yggdrasil">
|
||||
<title>Yggdrasil</title>
|
||||
<para>
|
||||
<emphasis>Source:</emphasis>
|
||||
<filename>modules/services/networking/yggdrasil/default.nix</filename>
|
||||
</para>
|
||||
<para>
|
||||
<emphasis>Upstream documentation:</emphasis>
|
||||
<link xlink:href="https://yggdrasil-network.github.io/"/>
|
||||
</para>
|
||||
<para>
|
||||
Yggdrasil is an early-stage implementation of a fully end-to-end encrypted,
|
||||
self-arranging IPv6 network.
|
||||
</para>
|
||||
<section xml:id="module-services-networking-yggdrasil-configuration">
|
||||
<title>Configuration</title>
|
||||
<section xml:id="module-services-networking-yggdrasil-configuration-simple">
|
||||
<title>Simple ephemeral node</title>
|
||||
<para>
|
||||
An annotated example of a simple configuration:
|
||||
<programlisting>
|
||||
{
|
||||
services.yggdrasil = {
|
||||
enable = true;
|
||||
persistentKeys = false;
|
||||
# The NixOS module will generate new keys and a new IPv6 address each time
|
||||
# it is started if persistentKeys is not enabled.
|
||||
|
||||
config = {
|
||||
Peers = [
|
||||
# Yggdrasil will automatically connect and "peer" with other nodes it
|
||||
# discovers via link-local multicast annoucements. Unless this is the
|
||||
# case (it probably isn't) a node needs peers within the existing
|
||||
# network that it can tunnel to.
|
||||
"tcp://1.2.3.4:1024"
|
||||
"tcp://1.2.3.5:1024"
|
||||
# Public peers can be found at
|
||||
# https://github.com/yggdrasil-network/public-peers
|
||||
];
|
||||
};
|
||||
};
|
||||
}
|
||||
</programlisting>
|
||||
</para>
|
||||
</section>
|
||||
<section xml:id="module-services-networking-yggdrasil-configuration-prefix">
|
||||
<title>Persistent node with prefix</title>
|
||||
<para>
|
||||
A node with a fixed address that announces a prefix:
|
||||
<programlisting>
|
||||
let
|
||||
address = "210:5217:69c0:9afc:1b95:b9f:8718:c3d2";
|
||||
prefix = "310:5217:69c0:9afc";
|
||||
# taken from the output of "yggdrasilctl getself".
|
||||
in {
|
||||
|
||||
services.yggdrasil = {
|
||||
enable = true;
|
||||
persistentKeys = true; # Maintain a fixed public key and IPv6 address.
|
||||
config = {
|
||||
Peers = [ "tcp://1.2.3.4:1024" "tcp://1.2.3.5:1024" ];
|
||||
NodeInfo = {
|
||||
# This information is visible to the network.
|
||||
name = config.networking.hostName;
|
||||
location = "The North Pole";
|
||||
};
|
||||
};
|
||||
};
|
||||
|
||||
boot.kernel.sysctl."net.ipv6.conf.all.forwarding" = 1;
|
||||
# Forward traffic under the prefix.
|
||||
|
||||
networking.interfaces.${eth0}.ipv6.addresses = [{
|
||||
# Set a 300::/8 address on the local physical device.
|
||||
address = prefix + "::1";
|
||||
prefixLength = 64;
|
||||
}];
|
||||
|
||||
services.radvd = {
|
||||
# Annouce the 300::/8 prefix to eth0.
|
||||
enable = true;
|
||||
config = ''
|
||||
interface eth0
|
||||
{
|
||||
AdvSendAdvert on;
|
||||
AdvDefaultLifetime 0;
|
||||
prefix ${prefix}::/64 {
|
||||
AdvOnLink on;
|
||||
AdvAutonomous on;
|
||||
};
|
||||
route 200::/8 {};
|
||||
};
|
||||
'';
|
||||
};
|
||||
}
|
||||
</programlisting>
|
||||
</para>
|
||||
</section>
|
||||
<section xml:id="module-services-networking-yggdrasil-configuration-container">
|
||||
<title>Yggdrasil attached Container</title>
|
||||
<para>
|
||||
A NixOS container attached to the Yggdrasil network via a node running on the
|
||||
host:
|
||||
<programlisting>
|
||||
let
|
||||
yggPrefix64 = "310:5217:69c0:9afc";
|
||||
# Again, taken from the output of "yggdrasilctl getself".
|
||||
in
|
||||
{
|
||||
boot.kernel.sysctl."net.ipv6.conf.all.forwarding" = 1;
|
||||
# Enable IPv6 forwarding.
|
||||
|
||||
networking = {
|
||||
bridges.br0.interfaces = [ ];
|
||||
# A bridge only to containers…
|
||||
|
||||
interfaces.br0 = {
|
||||
# … configured with a prefix address.
|
||||
ipv6.addresses = [{
|
||||
address = "${yggPrefix64}::1";
|
||||
prefixLength = 64;
|
||||
}];
|
||||
};
|
||||
};
|
||||
|
||||
containers.foo = {
|
||||
autoStart = true;
|
||||
privateNetwork = true;
|
||||
hostBridge = "br0";
|
||||
# Attach the container to the bridge only.
|
||||
config = { config, pkgs, ... }: {
|
||||
networking.interfaces.eth0.ipv6 = {
|
||||
addresses = [{
|
||||
# Configure a prefix address.
|
||||
address = "${yggPrefix64}::2";
|
||||
prefixLength = 64;
|
||||
}];
|
||||
routes = [{
|
||||
# Configure the prefix route.
|
||||
address = "200::";
|
||||
prefixLength = 7;
|
||||
via = "${yggPrefix64}::1";
|
||||
}];
|
||||
};
|
||||
|
||||
services.httpd.enable = true;
|
||||
networking.firewall.allowedTCPPorts = [ 80 ];
|
||||
};
|
||||
};
|
||||
|
||||
}
|
||||
</programlisting>
|
||||
</para>
|
||||
</section>
|
||||
</section>
|
||||
</chapter>
|
60
nixos/modules/services/security/yubikey-agent.nix
Normal file
60
nixos/modules/services/security/yubikey-agent.nix
Normal file
|
@ -0,0 +1,60 @@
|
|||
# Global configuration for yubikey-agent.
|
||||
|
||||
{ config, lib, pkgs, ... }:
|
||||
|
||||
with lib;
|
||||
|
||||
let
|
||||
cfg = config.services.yubikey-agent;
|
||||
|
||||
# reuse the pinentryFlavor option from the gnupg module
|
||||
pinentryFlavor = config.programs.gnupg.agent.pinentryFlavor;
|
||||
in
|
||||
{
|
||||
###### interface
|
||||
|
||||
meta.maintainers = with maintainers; [ philandstuff rawkode ];
|
||||
|
||||
options = {
|
||||
|
||||
services.yubikey-agent = {
|
||||
enable = mkOption {
|
||||
type = types.bool;
|
||||
default = false;
|
||||
description = ''
|
||||
Whether to start yubikey-agent when you log in. Also sets
|
||||
SSH_AUTH_SOCK to point at yubikey-agent.
|
||||
|
||||
Note that yubikey-agent will use whatever pinentry is
|
||||
specified in programs.gnupg.agent.pinentryFlavor.
|
||||
'';
|
||||
};
|
||||
|
||||
package = mkOption {
|
||||
type = types.package;
|
||||
default = pkgs.yubikey-agent;
|
||||
defaultText = "pkgs.yubikey-agent";
|
||||
description = ''
|
||||
The package used for the yubikey-agent daemon.
|
||||
'';
|
||||
};
|
||||
};
|
||||
};
|
||||
|
||||
config = mkIf cfg.enable {
|
||||
environment.systemPackages = [ cfg.package ];
|
||||
systemd.packages = [ cfg.package ];
|
||||
|
||||
# This overrides the systemd user unit shipped with the
|
||||
# yubikey-agent package
|
||||
systemd.user.services.yubikey-agent = mkIf (pinentryFlavor != null) {
|
||||
path = [ pkgs.pinentry.${pinentryFlavor} ];
|
||||
};
|
||||
|
||||
environment.extraInit = ''
|
||||
if [ -z "$SSH_AUTH_SOCK" -a -n "$XDG_RUNTIME_DIR" ]; then
|
||||
export SSH_AUTH_SOCK="$XDG_RUNTIME_DIR/yubikey-agent/yubikey-agent.sock"
|
||||
fi
|
||||
'';
|
||||
};
|
||||
}
|
117
nixos/modules/services/web-servers/molly-brown.nix
Normal file
117
nixos/modules/services/web-servers/molly-brown.nix
Normal file
|
@ -0,0 +1,117 @@
|
|||
{ config, lib, pkgs, ... }:
|
||||
|
||||
with lib;
|
||||
|
||||
let
|
||||
cfg = config.services.molly-brown;
|
||||
|
||||
settingsType = with types;
|
||||
attrsOf (oneOf [
|
||||
int
|
||||
str
|
||||
(listOf str)
|
||||
(attrsOf (oneOf [ int str (listOf str) (attrsOf str) ]))
|
||||
]) // {
|
||||
description = "primitive expression convertable to TOML";
|
||||
};
|
||||
|
||||
configFile = pkgs.runCommand "molly-brown.toml" {
|
||||
buildInputs = [ pkgs.remarshal ];
|
||||
preferLocalBuild = true;
|
||||
passAsFile = [ "settings" ];
|
||||
settings = builtins.toJSON cfg.settings;
|
||||
} "remarshal -if json -of toml < $settingsPath > $out";
|
||||
in {
|
||||
|
||||
options.services.molly-brown = {
|
||||
|
||||
enable = mkEnableOption "Molly-Brown Gemini server";
|
||||
|
||||
port = mkOption {
|
||||
default = 1965;
|
||||
type = types.port;
|
||||
description = ''
|
||||
TCP port for molly-brown to bind to.
|
||||
'';
|
||||
};
|
||||
|
||||
hostName = mkOption {
|
||||
type = types.str;
|
||||
example = literalExample "config.networking.hostName";
|
||||
default = config.networking.hostName;
|
||||
description = ''
|
||||
The hostname to respond to requests for. Requests for URLs with
|
||||
other hosts will result in a status 53 (PROXY REQUEST REFUSED)
|
||||
response.
|
||||
'';
|
||||
};
|
||||
|
||||
certPath = mkOption {
|
||||
type = types.path;
|
||||
example = "/var/lib/acme/example.com/cert.pem";
|
||||
description = ''
|
||||
Path to TLS certificate. An ACME certificate and key may be
|
||||
shared with an HTTP server, but only if molly-brown has
|
||||
permissions allowing it to read such keys.
|
||||
|
||||
As an example:
|
||||
<programlisting>
|
||||
security.acme.certs."example.com".allowKeysForGroup = true;
|
||||
systemd.services.molly-brown.serviceConfig.SupplementaryGroups =
|
||||
[ config.security.acme.certs."example.com".group ];
|
||||
</programlisting>
|
||||
'';
|
||||
};
|
||||
|
||||
keyPath = mkOption {
|
||||
type = types.path;
|
||||
example = "/var/lib/acme/example.com/key.pem";
|
||||
description = "Path to TLS key. See <option>CertPath</option>.";
|
||||
};
|
||||
|
||||
docBase = mkOption {
|
||||
type = types.path;
|
||||
example = "/var/lib/molly-brown";
|
||||
description = "Base directory for Gemini content.";
|
||||
};
|
||||
|
||||
settings = mkOption {
|
||||
type = settingsType;
|
||||
default = { };
|
||||
description = ''
|
||||
molly-brown configuration. Refer to
|
||||
<link xlink:href="https://tildegit.org/solderpunk/molly-brown/src/branch/master/example.conf"/>
|
||||
for details on supported values.
|
||||
'';
|
||||
};
|
||||
|
||||
};
|
||||
|
||||
config = mkIf cfg.enable {
|
||||
|
||||
services.molly-brown.settings = let logDir = "/var/log/molly-brown";
|
||||
in {
|
||||
Port = cfg.port;
|
||||
Hostname = cfg.hostName;
|
||||
CertPath = cfg.certPath;
|
||||
KeyPath = cfg.keyPath;
|
||||
DocBase = cfg.docBase;
|
||||
AccessLog = "${logDir}/access.log";
|
||||
ErrorLog = "${logDir}/error.log";
|
||||
};
|
||||
|
||||
systemd.services.molly-brown = {
|
||||
description = "Molly Brown gemini server";
|
||||
after = [ "network.target" ];
|
||||
wantedBy = [ "multi-user.target" ];
|
||||
serviceConfig = {
|
||||
DynamicUser = true;
|
||||
LogsDirectory = "molly-brown";
|
||||
ExecStart = "${pkgs.molly-brown}/bin/molly-brown -c ${configFile}";
|
||||
Restart = "always";
|
||||
};
|
||||
};
|
||||
|
||||
};
|
||||
|
||||
}
|
|
@ -22,7 +22,7 @@ in {
|
|||
|
||||
config = mkMerge [
|
||||
(mkIf (!config.boot.isContainer) {
|
||||
environment.etc."tmpfiles.d/lvm2.conf".source = "${cfg.package}/lib/tmpfiles.d/lvm2.conf";
|
||||
systemd.tmpfiles.packages = [ cfg.package.out ];
|
||||
environment.systemPackages = [ cfg.package ];
|
||||
systemd.packages = [ cfg.package ];
|
||||
|
||||
|
|
|
@ -310,6 +310,11 @@ in rec {
|
|||
services.xserver.desktopManager.gnome3.enable = true;
|
||||
});
|
||||
|
||||
pantheon = makeClosure ({ ... }:
|
||||
{ services.xserver.enable = true;
|
||||
services.xserver.desktopManager.pantheon.enable = true;
|
||||
});
|
||||
|
||||
# Linux/Apache/PostgreSQL/PHP stack.
|
||||
lapp = makeClosure ({ pkgs, ... }:
|
||||
{ services.httpd.enable = true;
|
||||
|
|
|
@ -32,6 +32,7 @@ in
|
|||
beanstalkd = handleTest ./beanstalkd.nix {};
|
||||
bees = handleTest ./bees.nix {};
|
||||
bind = handleTest ./bind.nix {};
|
||||
bitcoind = handleTest ./bitcoind.nix {};
|
||||
bittorrent = handleTest ./bittorrent.nix {};
|
||||
blockbook-frontend = handleTest ./blockbook-frontend.nix {};
|
||||
buildkite-agents = handleTest ./buildkite-agents.nix {};
|
||||
|
@ -319,6 +320,7 @@ in
|
|||
sudo = handleTest ./sudo.nix {};
|
||||
switchTest = handleTest ./switch-test.nix {};
|
||||
sympa = handleTest ./sympa.nix {};
|
||||
syncthing = handleTest ./syncthing.nix {};
|
||||
syncthing-init = handleTest ./syncthing-init.nix {};
|
||||
syncthing-relay = handleTest ./syncthing-relay.nix {};
|
||||
systemd = handleTest ./systemd.nix {};
|
||||
|
|
46
nixos/tests/bitcoind.nix
Normal file
46
nixos/tests/bitcoind.nix
Normal file
|
@ -0,0 +1,46 @@
|
|||
import ./make-test-python.nix ({ pkgs, ... }: {
|
||||
name = "bitcoind";
|
||||
meta = with pkgs.stdenv.lib; {
|
||||
maintainers = with maintainers; [ maintainers."1000101" ];
|
||||
};
|
||||
|
||||
machine = { ... }: {
|
||||
services.bitcoind."mainnet" = {
|
||||
enable = true;
|
||||
rpc = {
|
||||
port = 8332;
|
||||
users.rpc.passwordHMAC = "acc2374e5f9ba9e62a5204d3686616cf$53abdba5e67a9005be6a27ca03a93ce09e58854bc2b871523a0d239a72968033";
|
||||
users.rpc2.passwordHMAC = "1495e4a3ad108187576c68f7f9b5ddc5$accce0881c74aa01bb8960ff3bdbd39f607fd33178147679e055a4ac35f53225";
|
||||
};
|
||||
};
|
||||
services.bitcoind."testnet" = {
|
||||
enable = true;
|
||||
configFile = "/test.blank";
|
||||
testnet = true;
|
||||
rpc = {
|
||||
port = 18332;
|
||||
};
|
||||
extraCmdlineOptions = [ "-rpcuser=rpc" "-rpcpassword=rpc" "-rpcauth=rpc2:1495e4a3ad108187576c68f7f9b5ddc5$accce0881c74aa01bb8960ff3bdbd39f607fd33178147679e055a4ac35f53225" ];
|
||||
};
|
||||
};
|
||||
|
||||
testScript = ''
|
||||
start_all()
|
||||
|
||||
machine.wait_for_unit("bitcoind-mainnet.service")
|
||||
machine.wait_for_unit("bitcoind-testnet.service")
|
||||
|
||||
machine.wait_until_succeeds(
|
||||
'curl --user rpc:rpc --data-binary \'{"jsonrpc": "1.0", "id":"curltest", "method": "getblockchaininfo", "params": [] }\' -H \'content-type: text/plain;\' localhost:8332 | grep \'"chain":"main"\' '
|
||||
)
|
||||
machine.wait_until_succeeds(
|
||||
'curl --user rpc2:rpc2 --data-binary \'{"jsonrpc": "1.0", "id":"curltest", "method": "getblockchaininfo", "params": [] }\' -H \'content-type: text/plain;\' localhost:8332 | grep \'"chain":"main"\' '
|
||||
)
|
||||
machine.wait_until_succeeds(
|
||||
'curl --user rpc:rpc --data-binary \'{"jsonrpc": "1.0", "id":"curltest", "method": "getblockchaininfo", "params": [] }\' -H \'content-type: text/plain;\' localhost:18332 | grep \'"chain":"test"\' '
|
||||
)
|
||||
machine.wait_until_succeeds(
|
||||
'curl --user rpc2:rpc2 --data-binary \'{"jsonrpc": "1.0", "id":"curltest", "method": "getblockchaininfo", "params": [] }\' -H \'content-type: text/plain;\' localhost:18332 | grep \'"chain":"test"\' '
|
||||
)
|
||||
'';
|
||||
})
|
|
@ -50,6 +50,12 @@ let
|
|||
|
||||
environment.systemPackages = with pkgs; [ gnome-desktop-testing ];
|
||||
|
||||
# The installed tests need to be added to the test VM’s closure.
|
||||
# Otherwise, their dependencies might not actually be registered
|
||||
# as valid paths in the VM’s Nix store database,
|
||||
# and `nix-store --query` commands run as part of the tests
|
||||
# (for example when building Flatpak runtimes) will fail.
|
||||
environment.variables.TESTED_PACKAGE_INSTALLED_TESTS = "${tested.installedTests}/share";
|
||||
};
|
||||
|
||||
testScript =
|
||||
|
|
|
@ -5,14 +5,11 @@ makeInstalledTest {
|
|||
withX11 = true;
|
||||
|
||||
testConfig = {
|
||||
services.xserver.desktopManager.gnome3.enable = true; # TODO: figure out minimal environment where the tests work
|
||||
# common/x11.nix enables the auto display manager (lightdm)
|
||||
services.xserver.displayManager.gdm.enable = false;
|
||||
services.gnome3.core-utilities.enable = false;
|
||||
xdg.portal.enable = true;
|
||||
services.flatpak.enable = true;
|
||||
environment.systemPackages = with pkgs; [ gnupg ostree python2 ];
|
||||
environment.systemPackages = with pkgs; [ gnupg ostree python3 ];
|
||||
virtualisation.memorySize = 2047;
|
||||
virtualisation.diskSize = 1024;
|
||||
virtualisation.diskSize = 3072;
|
||||
};
|
||||
|
||||
testRunnerFlags = "--timeout 3600";
|
||||
|
|
|
@ -3,21 +3,10 @@
|
|||
makeInstalledTest {
|
||||
tested = pkgs.ostree;
|
||||
|
||||
# TODO: Wrap/patch the tests directly in the package
|
||||
testConfig = {
|
||||
environment.systemPackages = with pkgs; [
|
||||
(python3.withPackages (p: with p; [ pyyaml ]))
|
||||
gnupg
|
||||
ostree
|
||||
];
|
||||
|
||||
# for GJS tests
|
||||
environment.variables.GI_TYPELIB_PATH = lib.makeSearchPath "lib/girepository-1.0" (with pkgs; [
|
||||
gtk3
|
||||
pango.out
|
||||
ostree
|
||||
gdk-pixbuf
|
||||
atk
|
||||
]);
|
||||
};
|
||||
}
|
||||
|
|
|
@ -562,7 +562,7 @@ in {
|
|||
"sleep 1",
|
||||
"lvcreate --size 1G --name swap MyVolGroup",
|
||||
"sleep 1",
|
||||
"lvcreate --size 2G --name nixos MyVolGroup",
|
||||
"lvcreate --size 3G --name nixos MyVolGroup",
|
||||
"sleep 1",
|
||||
"mkswap -f /dev/MyVolGroup/swap -L swap",
|
||||
"swapon -L swap",
|
||||
|
|
71
nixos/tests/molly-brown.nix
Normal file
71
nixos/tests/molly-brown.nix
Normal file
|
@ -0,0 +1,71 @@
|
|||
import ./make-test-python.nix ({ pkgs, ... }:
|
||||
|
||||
let testString = "NixOS Gemini test successful";
|
||||
in {
|
||||
|
||||
name = "molly-brown";
|
||||
meta = with pkgs.stdenv.lib.maintainers; { maintainers = [ ehmry ]; };
|
||||
|
||||
nodes = {
|
||||
|
||||
geminiServer = { config, pkgs, ... }:
|
||||
let
|
||||
inherit (config.networking) hostName;
|
||||
cfg = config.services.molly-brown;
|
||||
in {
|
||||
|
||||
environment.systemPackages = [
|
||||
(pkgs.writeScriptBin "test-gemini" ''
|
||||
#!${pkgs.python3}/bin/python
|
||||
|
||||
import socket
|
||||
import ssl
|
||||
import tempfile
|
||||
import textwrap
|
||||
import urllib.parse
|
||||
|
||||
url = "gemini://geminiServer/init.gmi"
|
||||
parsed_url = urllib.parse.urlparse(url)
|
||||
|
||||
s = socket.create_connection((parsed_url.netloc, 1965))
|
||||
context = ssl.SSLContext()
|
||||
context.check_hostname = False
|
||||
context.verify_mode = ssl.CERT_NONE
|
||||
s = context.wrap_socket(s, server_hostname=parsed_url.netloc)
|
||||
s.sendall((url + "\r\n").encode("UTF-8"))
|
||||
fp = s.makefile("rb")
|
||||
print(fp.readline().strip())
|
||||
print(fp.readline().strip())
|
||||
print(fp.readline().strip())
|
||||
'')
|
||||
];
|
||||
|
||||
networking.firewall.allowedTCPPorts = [ cfg.settings.Port ];
|
||||
|
||||
services.molly-brown = {
|
||||
enable = true;
|
||||
docBase = "/tmp/docs";
|
||||
certPath = "/tmp/cert.pem";
|
||||
keyPath = "/tmp/key.pem";
|
||||
};
|
||||
|
||||
systemd.services.molly-brown.preStart = ''
|
||||
${pkgs.openssl}/bin/openssl genrsa -out "/tmp/key.pem"
|
||||
${pkgs.openssl}/bin/openssl req -new \
|
||||
-subj "/CN=${config.networking.hostName}" \
|
||||
-key "/tmp/key.pem" -out /tmp/request.pem
|
||||
${pkgs.openssl}/bin/openssl x509 -req -days 3650 \
|
||||
-in /tmp/request.pem -signkey "/tmp/key.pem" -out "/tmp/cert.pem"
|
||||
|
||||
mkdir -p "${cfg.settings.DocBase}"
|
||||
echo "${testString}" > "${cfg.settings.DocBase}/test.gmi"
|
||||
'';
|
||||
};
|
||||
};
|
||||
testScript = ''
|
||||
geminiServer.wait_for_unit("molly-brown")
|
||||
geminiServer.wait_for_open_port(1965)
|
||||
geminiServer.succeed("test-gemini")
|
||||
'';
|
||||
|
||||
})
|
|
@ -15,7 +15,7 @@ import ./make-test-python.nix ({ pkgs, ... }:
|
|||
node.wait_for_open_port(27017)
|
||||
|
||||
assert "hello" in node.succeed(
|
||||
"mongo ${testQuery}"
|
||||
"${pkg}/bin/mongo ${testQuery}"
|
||||
)
|
||||
|
||||
node.execute(
|
||||
|
@ -36,6 +36,7 @@ import ./make-test-python.nix ({ pkgs, ... }:
|
|||
mongodb-3_4
|
||||
mongodb-3_6
|
||||
mongodb-4_0
|
||||
mongodb-4_2
|
||||
];
|
||||
};
|
||||
};
|
||||
|
@ -46,6 +47,7 @@ import ./make-test-python.nix ({ pkgs, ... }:
|
|||
+ runMongoDBTest pkgs.mongodb-3_4
|
||||
+ runMongoDBTest pkgs.mongodb-3_6
|
||||
+ runMongoDBTest pkgs.mongodb-4_0
|
||||
+ runMongoDBTest pkgs.mongodb-4_2
|
||||
+ ''
|
||||
node.shutdown()
|
||||
'';
|
||||
|
|
|
@ -32,14 +32,14 @@ let
|
|||
services.dhcpd4 = {
|
||||
enable = true;
|
||||
interfaces = map (n: "eth${toString n}") vlanIfs;
|
||||
extraConfig = ''
|
||||
'' + flip concatMapStrings vlanIfs (n: ''
|
||||
extraConfig = flip concatMapStrings vlanIfs (n: ''
|
||||
subnet 192.168.${toString n}.0 netmask 255.255.255.0 {
|
||||
option routers 192.168.${toString n}.1;
|
||||
range 192.168.${toString n}.2 192.168.${toString n}.254;
|
||||
}
|
||||
'')
|
||||
;
|
||||
machines = lib.flip map vlanIfs (vlan:
|
||||
machines = flip map vlanIfs (vlan:
|
||||
{
|
||||
hostName = "client${toString vlan}";
|
||||
ethernetAddress = qemu-flags.qemuNicMac vlan 1;
|
||||
|
|
65
nixos/tests/syncthing.nix
Normal file
65
nixos/tests/syncthing.nix
Normal file
|
@ -0,0 +1,65 @@
|
|||
import ./make-test-python.nix ({ lib, pkgs, ... }: {
|
||||
name = "syncthing";
|
||||
meta.maintainers = with pkgs.stdenv.lib.maintainers; [ chkno ];
|
||||
|
||||
nodes = rec {
|
||||
a = {
|
||||
environment.systemPackages = with pkgs; [ curl libxml2 syncthing ];
|
||||
services.syncthing = {
|
||||
enable = true;
|
||||
openDefaultPorts = true;
|
||||
};
|
||||
};
|
||||
b = a;
|
||||
};
|
||||
|
||||
testScript = ''
|
||||
import json
|
||||
import shlex
|
||||
|
||||
confdir = "/var/lib/syncthing/.config/syncthing"
|
||||
|
||||
|
||||
def addPeer(host, name, deviceID):
|
||||
APIKey = host.succeed(
|
||||
"xmllint --xpath 'string(configuration/gui/apikey)' %s/config.xml" % confdir
|
||||
).strip()
|
||||
oldConf = host.succeed(
|
||||
"curl -Ss -H 'X-API-Key: %s' 127.0.0.1:8384/rest/system/config" % APIKey
|
||||
)
|
||||
conf = json.loads(oldConf)
|
||||
conf["devices"].append({"deviceID": deviceID, "id": name})
|
||||
conf["folders"].append(
|
||||
{
|
||||
"devices": [{"deviceID": deviceID}],
|
||||
"id": "foo",
|
||||
"path": "/var/lib/syncthing/foo",
|
||||
"rescanIntervalS": 1,
|
||||
}
|
||||
)
|
||||
newConf = json.dumps(conf)
|
||||
host.succeed(
|
||||
"curl -Ss -H 'X-API-Key: %s' 127.0.0.1:8384/rest/system/config -d %s"
|
||||
% (APIKey, shlex.quote(newConf))
|
||||
)
|
||||
|
||||
|
||||
start_all()
|
||||
a.wait_for_unit("syncthing.service")
|
||||
b.wait_for_unit("syncthing.service")
|
||||
a.wait_for_open_port(22000)
|
||||
b.wait_for_open_port(22000)
|
||||
|
||||
aDeviceID = a.succeed("syncthing -home=%s -device-id" % confdir).strip()
|
||||
bDeviceID = b.succeed("syncthing -home=%s -device-id" % confdir).strip()
|
||||
addPeer(a, "b", bDeviceID)
|
||||
addPeer(b, "a", aDeviceID)
|
||||
|
||||
a.wait_for_file("/var/lib/syncthing/foo")
|
||||
b.wait_for_file("/var/lib/syncthing/foo")
|
||||
a.succeed("echo a2b > /var/lib/syncthing/foo/a2b")
|
||||
b.succeed("echo b2a > /var/lib/syncthing/foo/b2a")
|
||||
a.wait_for_file("/var/lib/syncthing/foo/b2a")
|
||||
b.wait_for_file("/var/lib/syncthing/foo/a2b")
|
||||
'';
|
||||
})
|
|
@ -7,6 +7,7 @@ let
|
|||
SigningPrivateKey = "fe3add8da35316c05f6d90d3ca79bd2801e6ccab6d37e5339fef4152589398abe2c43349083bc1e998e4ec4535b4c6a8f44ca9a5a8e07336561267253b2be5f4";
|
||||
};
|
||||
bobIp6 = "201:ebbd:bde9:f138:c302:4afa:1fb6:a19a";
|
||||
bobPrefix = "301:ebbd:bde9:f138";
|
||||
bobConfig = {
|
||||
InterfacePeers = {
|
||||
eth1 = [ "tcp://192.168.1.200:12345" ];
|
||||
|
@ -18,6 +19,7 @@ let
|
|||
SigningPublicKey = "de111da0ec781e45bf6c63ecb45a78c24d7d4655abfaeea83b26c36eb5c0fd5b";
|
||||
SigningPrivateKey = "2a6c21550f3fca0331df50668ffab66b6dce8237bcd5728e571e8033b363e247de111da0ec781e45bf6c63ecb45a78c24d7d4655abfaeea83b26c36eb5c0fd5b";
|
||||
};
|
||||
danIp6 = bobPrefix + "::2";
|
||||
|
||||
in import ./make-test-python.nix ({ pkgs, ...} : {
|
||||
name = "yggdrasil";
|
||||
|
@ -69,6 +71,41 @@ in import ./make-test-python.nix ({ pkgs, ...} : {
|
|||
text = builtins.toJSON bobConfig;
|
||||
});
|
||||
};
|
||||
|
||||
boot.kernel.sysctl."net.ipv6.conf.all.forwarding" = 1;
|
||||
|
||||
networking = {
|
||||
bridges.br0.interfaces = [ ];
|
||||
interfaces.br0 = {
|
||||
ipv6.addresses = [{
|
||||
address = bobPrefix + "::1";
|
||||
prefixLength = 64;
|
||||
}];
|
||||
};
|
||||
};
|
||||
|
||||
# dan is a node inside a container running on bob's host.
|
||||
containers.dan = {
|
||||
autoStart = true;
|
||||
privateNetwork = true;
|
||||
hostBridge = "br0";
|
||||
config = { config, pkgs, ... }: {
|
||||
networking.interfaces.eth0.ipv6 = {
|
||||
addresses = [{
|
||||
address = bobPrefix + "::2";
|
||||
prefixLength = 64;
|
||||
}];
|
||||
routes = [{
|
||||
address = "200::";
|
||||
prefixLength = 7;
|
||||
via = bobPrefix + "::1";
|
||||
}];
|
||||
};
|
||||
services.httpd.enable = true;
|
||||
services.httpd.adminAddr = "foo@example.org";
|
||||
networking.firewall.allowedTCPPorts = [ 80 ];
|
||||
};
|
||||
};
|
||||
};
|
||||
|
||||
# Carol only does local peering. Carol's yggdrasil config is all Nix.
|
||||
|
@ -100,7 +137,7 @@ in import ./make-test-python.nix ({ pkgs, ...} : {
|
|||
|
||||
bob.start()
|
||||
carol.start()
|
||||
bob.wait_for_unit("yggdrasil.service")
|
||||
bob.wait_for_unit("default.target")
|
||||
carol.wait_for_unit("yggdrasil.service")
|
||||
|
||||
ip_addr_show = "ip -o -6 addr show dev ygg0 scope global"
|
||||
|
@ -117,10 +154,13 @@ in import ./make-test-python.nix ({ pkgs, ...} : {
|
|||
|
||||
carol.succeed("ping -c 1 ${aliceIp6}")
|
||||
carol.succeed("ping -c 1 ${bobIp6}")
|
||||
carol.succeed("ping -c 1 ${bobPrefix}::1")
|
||||
carol.succeed("ping -c 8 ${danIp6}")
|
||||
|
||||
carol.fail("journalctl -u dhcpcd | grep ygg0")
|
||||
|
||||
alice.wait_for_unit("httpd.service")
|
||||
carol.succeed("curl --fail -g http://[${aliceIp6}]")
|
||||
carol.succeed("curl --fail -g http://[${danIp6}]")
|
||||
'';
|
||||
})
|
||||
|
|
|
@ -1,28 +1,21 @@
|
|||
{ stdenv, fetchzip, wxGTK30, pkgconfig, file, gettext,
|
||||
{ stdenv, fetchzip, wxGTK31, pkgconfig, file, gettext,
|
||||
libvorbis, libmad, libjack2, lv2, lilv, serd, sord, sratom, suil, alsaLib, libsndfile, soxr, flac, lame,
|
||||
expat, libid3tag, ffmpeg_3, soundtouch, /*, portaudio - given up fighting their portaudio.patch */
|
||||
autoconf, automake, libtool
|
||||
pcre, vamp-plugin-sdk, portmidi, twolame, git,
|
||||
cmake, libtool
|
||||
}:
|
||||
|
||||
with stdenv.lib;
|
||||
|
||||
stdenv.mkDerivation rec {
|
||||
version = "2.4.1";
|
||||
version = "2.4.2";
|
||||
pname = "audacity";
|
||||
|
||||
src = fetchzip {
|
||||
url = "https://github.com/audacity/audacity/archive/Audacity-${version}.tar.gz";
|
||||
sha256 = "1xk0piv72d2xd3p7igr916fhcbrm76fhjr418k1rlqdzzg1hfljn";
|
||||
sha256 = "0lklcvqkxrr2gkb9gh3422iadzl2rv9v0a8s76rwq43lj2im7546";
|
||||
};
|
||||
|
||||
preConfigure = /* we prefer system-wide libs */ ''
|
||||
autoreconf -vi # use system libraries
|
||||
|
||||
# we will get a (possibly harmless) warning during configure without this
|
||||
substituteInPlace configure \
|
||||
--replace /usr/bin/file ${file}/bin/file
|
||||
'';
|
||||
|
||||
configureFlags = [
|
||||
"--with-libsamplerate"
|
||||
];
|
||||
|
@ -43,11 +36,12 @@ stdenv.mkDerivation rec {
|
|||
"-lswscale"
|
||||
];
|
||||
|
||||
nativeBuildInputs = [ pkgconfig autoconf automake libtool ];
|
||||
nativeBuildInputs = [ pkgconfig cmake libtool git ];
|
||||
buildInputs = [
|
||||
file gettext wxGTK30 expat alsaLib
|
||||
libsndfile soxr libid3tag libjack2 lv2 lilv serd sord sratom suil wxGTK30.gtk
|
||||
file gettext wxGTK31 expat alsaLib
|
||||
libsndfile soxr libid3tag libjack2 lv2 lilv serd sord sratom suil wxGTK31.gtk
|
||||
ffmpeg_3 libmad lame libvorbis flac soundtouch
|
||||
pcre vamp-plugin-sdk portmidi twolame
|
||||
]; #ToDo: detach sbsms
|
||||
|
||||
enableParallelBuilding = true;
|
||||
|
|
|
@ -52,7 +52,7 @@ mkDerivation rec {
|
|||
homepage = "https://mixxx.org";
|
||||
description = "Digital DJ mixing software";
|
||||
license = licenses.gpl2Plus;
|
||||
maintainers = [ maintainers.aszlig maintainers.goibhniu maintainers.bfortz ];
|
||||
maintainers = [ maintainers.goibhniu maintainers.bfortz ];
|
||||
platforms = platforms.linux;
|
||||
};
|
||||
}
|
||||
|
|
|
@ -2,12 +2,12 @@
|
|||
|
||||
python3Packages.buildPythonApplication rec {
|
||||
pname = "mopidy-youtube";
|
||||
version = "3.0";
|
||||
version = "3.1";
|
||||
|
||||
src = python3Packages.fetchPypi {
|
||||
inherit version;
|
||||
pname = "Mopidy-YouTube";
|
||||
sha256 = "0x1q9rfnjx65n6hi8s5rw5ff4xv55h63zy52fwm8aksdnzppr7gd";
|
||||
sha256 = "1bn3nxianbal9f81z9wf2cxi893hndvrz2zdqvh1zpxrhs0cr038";
|
||||
};
|
||||
|
||||
patchPhase = "sed s/bs4/beautifulsoup4/ -i setup.cfg";
|
||||
|
|
|
@ -2,14 +2,14 @@
|
|||
, usePulseAudio ? config.pulseaudio or false, libpulseaudio }:
|
||||
|
||||
let
|
||||
version = "0.5.0";
|
||||
version = "0.5.1";
|
||||
in stdenv.mkDerivation {
|
||||
pname = "openmpt123";
|
||||
inherit version;
|
||||
|
||||
src = fetchurl {
|
||||
url = "https://lib.openmpt.org/files/libopenmpt/src/libopenmpt-${version}+release.autotools.tar.gz";
|
||||
sha256 = "0zl3djy9z7cpqk8g8pxrzmmikxsskb0y5qdabg6c683j7x5abjs3";
|
||||
sha256 = "1vpalfsrkbx4vyrh1qy564lr91jwdxlbjivv5gzf8zcywxasf0xa";
|
||||
};
|
||||
|
||||
enableParallelBuilding = true;
|
||||
|
|
|
@ -29,11 +29,11 @@
|
|||
# handle that.
|
||||
|
||||
mkDerivation rec {
|
||||
name = "qmmp-1.4.0";
|
||||
name = "qmmp-1.4.1";
|
||||
|
||||
src = fetchurl {
|
||||
url = "http://qmmp.ylsoftware.com/files/${name}.tar.bz2";
|
||||
sha256 = "13rhnk55d44svksl13w23w2qkfpkq4mc0jy5mi89nzqkzshwvfd8";
|
||||
sha256 = "0p18r2ri75vbyjzfa7bcl1dm372m6jvn9zj2p5ia2rh1g77fbm9a";
|
||||
};
|
||||
|
||||
nativeBuildInputs = [ cmake pkgconfig ];
|
||||
|
|
|
@ -20,13 +20,13 @@
|
|||
|
||||
stdenv.mkDerivation rec {
|
||||
pname = "sooperlooper";
|
||||
version = "unstable-2019-09-30";
|
||||
version = "1.7.4";
|
||||
|
||||
src = fetchFromGitHub {
|
||||
owner = "essej";
|
||||
repo = "sooperlooper";
|
||||
rev = "4d1da14176e16b0f56b727bb1e6c2e8957515625";
|
||||
sha256 = "1gsgqa7hdymzw2al1ymzv0f33y161dyhh3fmy88lpjwv3bfchamg";
|
||||
rev = "v${builtins.replaceStrings [ "." ] [ "_" ] version}";
|
||||
sha256 = "1jng9bkb7iikad0dy1fkiq9wjjdhh1xi1p0cp2lvnz1dsc4yk6iw";
|
||||
};
|
||||
|
||||
autoreconfPhase = ''
|
||||
|
@ -51,6 +51,8 @@ stdenv.mkDerivation rec {
|
|||
fftw
|
||||
];
|
||||
|
||||
enableParallelBuilding = true;
|
||||
|
||||
meta = with stdenv.lib; {
|
||||
description = "A live looping sampler capable of immediate loop recording, overdubbing, multiplying, reversing and more";
|
||||
longDescription = ''
|
||||
|
|
|
@ -2,16 +2,16 @@
|
|||
|
||||
rustPlatform.buildRustPackage rec {
|
||||
pname = "spotify-tui";
|
||||
version = "0.20.0";
|
||||
version = "0.21.0";
|
||||
|
||||
src = fetchFromGitHub {
|
||||
owner = "Rigellute";
|
||||
repo = "spotify-tui";
|
||||
rev = "v${version}";
|
||||
sha256 = "1gdsk620md5nv1r05jysmfhpbcidh15wzyiklkazsb6cppm6qsiy";
|
||||
sha256 = "0pvgq8r1bb7bdxm50hxl0n7ajplpzp1gnf6j55dn6xwck0syml9y";
|
||||
};
|
||||
|
||||
cargoSha256 = "0irfdmik6nrpfs9yzva5q351cfyf1cijxa2a08prwdccrivdk98a";
|
||||
cargoSha256 = "07v1qm5ky99j2lwbl00g80z0f8hfrpwgyqsm8fnda6y9s3vzzdgz";
|
||||
|
||||
nativeBuildInputs = stdenv.lib.optionals stdenv.isLinux [ pkgconfig python3 ];
|
||||
buildInputs = [ ]
|
||||
|
|
60
pkgs/applications/audio/sublime-music/default.nix
Normal file
60
pkgs/applications/audio/sublime-music/default.nix
Normal file
|
@ -0,0 +1,60 @@
|
|||
{ lib, python3Packages, gobject-introspection, gtk3, pango, wrapGAppsHook
|
||||
|
||||
, chromecastSupport ? false
|
||||
, serverSupport ? false
|
||||
, keyringSupport ? true
|
||||
, notifySupport ? true, libnotify
|
||||
, networkSupport ? true, networkmanager
|
||||
}:
|
||||
|
||||
python3Packages.buildPythonApplication rec {
|
||||
pname = "sublime-music";
|
||||
version = "0.11.0";
|
||||
|
||||
src = python3Packages.fetchPypi {
|
||||
inherit pname version;
|
||||
sha256 = "1rnjc8pjfaq67mq10gy939g77azc80lxf77s9nsaxds4q5j1yrl2";
|
||||
};
|
||||
|
||||
nativeBuildInputs = [
|
||||
gobject-introspection
|
||||
python3Packages.setuptools
|
||||
wrapGAppsHook
|
||||
];
|
||||
|
||||
buildInputs = [
|
||||
gtk3
|
||||
pango
|
||||
]
|
||||
++ lib.optional notifySupport libnotify
|
||||
++ lib.optional networkSupport networkmanager
|
||||
;
|
||||
|
||||
propagatedBuildInputs = with python3Packages; [
|
||||
dataclasses-json
|
||||
deepdiff
|
||||
fuzzywuzzy
|
||||
mpv
|
||||
peewee
|
||||
pygobject3
|
||||
python-Levenshtein
|
||||
python-dateutil
|
||||
requests
|
||||
semver
|
||||
]
|
||||
++ lib.optional chromecastSupport PyChromecast
|
||||
++ lib.optional keyringSupport keyring
|
||||
++ lib.optional serverSupport bottle
|
||||
;
|
||||
|
||||
# hook for gobject-introspection doesn't like strictDeps
|
||||
# https://github.com/NixOS/nixpkgs/issues/56943
|
||||
strictDeps = false;
|
||||
|
||||
meta = with lib; {
|
||||
description = "GTK3 Subsonic/Airsonic client";
|
||||
homepage = "https://sublimemusic.app/";
|
||||
license = licenses.gpl3Plus;
|
||||
maintainers = with maintainers; [ albakham ];
|
||||
};
|
||||
}
|
|
@ -2,13 +2,13 @@
|
|||
|
||||
buildGoModule rec {
|
||||
pname = "go-ethereum";
|
||||
version = "1.9.17";
|
||||
version = "1.9.18";
|
||||
|
||||
src = fetchFromGitHub {
|
||||
owner = "ethereum";
|
||||
repo = pname;
|
||||
rev = "v${version}";
|
||||
sha256 = "175cy5cqkdhvh3kv2d0madybbz2sdbgxhm8xfb3ydbaf2hzihxmx";
|
||||
sha256 = "0nkzwmrzk0m9662cr18h5i54v07mw8v3fh0csvqx8n50z5fcvb7b";
|
||||
};
|
||||
|
||||
usb = fetchFromGitHub {
|
||||
|
@ -18,7 +18,7 @@ buildGoModule rec {
|
|||
sha256 = "0asd5fz2rhzkjmd8wjgmla5qmqyz4jaa6qf0n2ycia16jsck6wc2";
|
||||
};
|
||||
|
||||
vendorSha256 = "0w2214fllw93xbrlxayhl014aqbjsc8zz7mpik7w5b26m60hn5kr";
|
||||
vendorSha256 = "13wh6r9zi5qw72xkbzy3mcgn7lv9l981x4lniypjbnkwhq2dj5iz";
|
||||
|
||||
overrideModAttrs = (_: {
|
||||
postBuild = ''
|
||||
|
|
|
@ -2,6 +2,8 @@
|
|||
, Xaw3d, libXcursor, pkgconfig, gettext, libXft, dbus, libpng, libjpeg, libungif
|
||||
, libtiff, librsvg, gconf, libxml2, imagemagick, gnutls, libselinux
|
||||
, alsaLib, cairo, acl, gpm, AppKit, GSS, ImageIO, m17n_lib, libotf
|
||||
, jansson, harfbuzz
|
||||
, libgccjit, targetPlatform, binutils, binutils-unwrapped, makeWrapper # native-comp params
|
||||
, systemd ? null
|
||||
, withX ? !stdenv.isDarwin
|
||||
, withNS ? stdenv.isDarwin
|
||||
|
@ -11,6 +13,7 @@
|
|||
, withCsrc ? true
|
||||
, srcRepo ? false, autoconf ? null, automake ? null, texinfo ? null
|
||||
, siteStart ? ./site-start.el
|
||||
, nativeComp ? false
|
||||
, toolkit ? (
|
||||
if withGTK2 then "gtk2"
|
||||
else if withGTK3 then "gtk3"
|
||||
|
@ -28,10 +31,13 @@ assert withGTK3 -> !withGTK2 && gtk3-x11 != null;
|
|||
assert withXwidgets -> withGTK3 && webkitgtk != null;
|
||||
|
||||
|
||||
stdenv.mkDerivation rec {
|
||||
name = "emacs-${version}${versionModifier}";
|
||||
let
|
||||
version = "26.3";
|
||||
versionModifier = "";
|
||||
name = "emacs-${version}${versionModifier}";
|
||||
|
||||
in stdenv.mkDerivation {
|
||||
inherit name version;
|
||||
|
||||
src = fetchurl {
|
||||
url = "mirror://gnu/emacs/${name}.tar.xz";
|
||||
|
@ -50,29 +56,50 @@ stdenv.mkDerivation rec {
|
|||
})
|
||||
];
|
||||
|
||||
postPatch = lib.optionalString srcRepo ''
|
||||
rm -fr .git
|
||||
'';
|
||||
postPatch = lib.concatStringsSep "\n" [
|
||||
(lib.optionalString srcRepo ''
|
||||
rm -fr .git
|
||||
'')
|
||||
|
||||
# Make native compilation work both inside and outside of nix build
|
||||
(lib.optionalString nativeComp (let
|
||||
libPath = lib.concatStringsSep ":" [
|
||||
"${lib.getLib libgccjit}/lib/gcc/${targetPlatform.config}/${libgccjit.version}"
|
||||
"${lib.getLib stdenv.cc.cc}/lib"
|
||||
"${lib.getLib stdenv.glibc}/lib"
|
||||
];
|
||||
in ''
|
||||
substituteInPlace lisp/emacs-lisp/comp.el --replace \
|
||||
"(defcustom comp-async-env-modifier-form nil" \
|
||||
"(defcustom comp-async-env-modifier-form '((setenv \"LIBRARY_PATH\" (string-join (seq-filter (lambda (v) (null (eq v nil))) (list (getenv \"LIBRARY_PATH\") \"${libPath}\")) \":\")))"
|
||||
|
||||
''))
|
||||
|
||||
""
|
||||
];
|
||||
|
||||
CFLAGS = "-DMAC_OS_X_VERSION_MAX_ALLOWED=101200";
|
||||
|
||||
nativeBuildInputs = [ pkgconfig ]
|
||||
LIBRARY_PATH = if nativeComp then "${lib.getLib stdenv.cc.libc}/lib" else "";
|
||||
|
||||
nativeBuildInputs = [ pkgconfig makeWrapper ]
|
||||
++ lib.optionals srcRepo [ autoconf automake texinfo ]
|
||||
++ lib.optional (withX && (withGTK3 || withXwidgets)) wrapGAppsHook;
|
||||
|
||||
buildInputs =
|
||||
[ ncurses gconf libxml2 gnutls alsaLib acl gpm gettext ]
|
||||
[ ncurses gconf libxml2 gnutls alsaLib acl gpm gettext jansson harfbuzz.dev ]
|
||||
++ lib.optionals stdenv.isLinux [ dbus libselinux systemd ]
|
||||
++ lib.optionals withX
|
||||
[ xlibsWrapper libXaw Xaw3d libXpm libpng libjpeg libungif libtiff libXft
|
||||
gconf ]
|
||||
gconf cairo ]
|
||||
++ lib.optionals (withX || withNS) [ imagemagick librsvg ]
|
||||
++ lib.optionals (stdenv.isLinux && withX) [ m17n_lib libotf ]
|
||||
++ lib.optional (withX && withGTK2) gtk2-x11
|
||||
++ lib.optionals (withX && withGTK3) [ gtk3-x11 gsettings-desktop-schemas ]
|
||||
++ lib.optional (stdenv.isDarwin && withX) cairo
|
||||
++ lib.optionals (withX && withXwidgets) [ webkitgtk glib-networking ]
|
||||
++ lib.optionals withNS [ AppKit GSS ImageIO ];
|
||||
++ lib.optionals withNS [ AppKit GSS ImageIO ]
|
||||
++ lib.optionals nativeComp [ libgccjit ]
|
||||
;
|
||||
|
||||
hardeningDisable = [ "format" ];
|
||||
|
||||
|
@ -88,7 +115,9 @@ stdenv.mkDerivation rec {
|
|||
then [ "--with-x-toolkit=${toolkit}" "--with-xft" ]
|
||||
else [ "--with-x=no" "--with-xpm=no" "--with-jpeg=no" "--with-png=no"
|
||||
"--with-gif=no" "--with-tiff=no" ])
|
||||
++ lib.optional withXwidgets "--with-xwidgets";
|
||||
++ lib.optional withXwidgets "--with-xwidgets"
|
||||
++ lib.optional nativeComp "--with-nativecomp"
|
||||
;
|
||||
|
||||
preConfigure = lib.optionalString srcRepo ''
|
||||
./autogen.sh
|
||||
|
@ -106,13 +135,16 @@ stdenv.mkDerivation rec {
|
|||
postInstall = ''
|
||||
mkdir -p $out/share/emacs/site-lisp
|
||||
cp ${siteStart} $out/share/emacs/site-lisp/site-start.el
|
||||
|
||||
$out/bin/emacs --batch -f batch-byte-compile $out/share/emacs/site-lisp/site-start.el
|
||||
|
||||
siteVersionDir=`ls $out/share/emacs | grep -v site-lisp | head -n 1`
|
||||
|
||||
rm -rf $out/var
|
||||
rm -rf $out/share/emacs/${version}/site-lisp
|
||||
rm -rf $siteVersionDir
|
||||
'' + lib.optionalString withCsrc ''
|
||||
for srcdir in src lisp lwlib ; do
|
||||
dstdir=$out/share/emacs/${version}/$srcdir
|
||||
dstdir=$siteVersionDir/$srcdir
|
||||
mkdir -p $dstdir
|
||||
find $srcdir -name "*.[chm]" -exec cp {} $dstdir \;
|
||||
cp $srcdir/TAGS $dstdir
|
||||
|
@ -123,16 +155,24 @@ stdenv.mkDerivation rec {
|
|||
mv nextstep/Emacs.app $out/Applications
|
||||
'';
|
||||
|
||||
postFixup =
|
||||
let libPath = lib.makeLibraryPath [
|
||||
libXcursor
|
||||
];
|
||||
in lib.optionalString (stdenv.isLinux && withX && toolkit == "lucid") ''
|
||||
postFixup = lib.concatStringsSep "\n" [
|
||||
|
||||
(lib.optionalString (stdenv.isLinux && withX && toolkit == "lucid") ''
|
||||
patchelf --set-rpath \
|
||||
"$(patchelf --print-rpath "$out/bin/emacs"):${libPath}" \
|
||||
"$(patchelf --print-rpath "$out/bin/emacs"):${lib.makeLibraryPath [ libXcursor ]}" \
|
||||
"$out/bin/emacs"
|
||||
patchelf --add-needed "libXcursor.so.1" "$out/bin/emacs"
|
||||
'';
|
||||
'')
|
||||
|
||||
(lib.optionalString nativeComp ''
|
||||
wrapProgram $out/bin/emacs-* --prefix PATH : "${lib.makeBinPath [ binutils binutils-unwrapped ]}"
|
||||
'')
|
||||
|
||||
];
|
||||
|
||||
passthru = {
|
||||
inherit nativeComp;
|
||||
};
|
||||
|
||||
meta = with stdenv.lib; {
|
||||
description = "The extensible, customizable GNU text editor";
|
||||
|
|
|
@ -11,8 +11,8 @@ let
|
|||
archive_fmt = if system == "x86_64-darwin" then "zip" else "tar.gz";
|
||||
|
||||
sha256 = {
|
||||
x86_64-linux = "1c8gi2001p2f0zc165cqwwf9f8ls34fgg040qn9l08za7djb9hyv";
|
||||
x86_64-darwin = "06n17s3qa2jkmg5qx3zvshz6rvdx33dhxn65j0x5mi62dv93gjgg";
|
||||
x86_64-linux = "162qwjmm439zplcyjhbb961ircqpdfw13h9ybnik1q128f4650ky";
|
||||
x86_64-darwin = "1kmg1h1gnx9kdnigjzpqd6rlzv7bz01h29ldla2srfr2q6nr0r9v";
|
||||
}.${system};
|
||||
in
|
||||
callPackage ./generic.nix rec {
|
||||
|
@ -21,7 +21,7 @@ in
|
|||
|
||||
# Please backport all compatible updates to the stable release.
|
||||
# This is important for the extension ecosystem.
|
||||
version = "1.46.1";
|
||||
version = "1.47.3";
|
||||
pname = "vscode";
|
||||
|
||||
executableName = "code" + lib.optionalString isInsiders "-insiders";
|
||||
|
|
|
@ -11,8 +11,8 @@ let
|
|||
archive_fmt = if system == "x86_64-darwin" then "zip" else "tar.gz";
|
||||
|
||||
sha256 = {
|
||||
x86_64-linux = "0l9sg2d0657k9dacy7k2jn8z07z50v8d1czgy4bkzbrj9vz7c6a7";
|
||||
x86_64-darwin = "0mnq0ykahwfrgs28rdy1jl366qyclipsr3apnmhym1xsylk0mpfx";
|
||||
x86_64-linux = "01wzdwb6laa0kwgwwvqri06ckdixg1w4fwcx400vhg3mby4n9wvl";
|
||||
x86_64-darwin = "1byh1x839w4r88yv0k7jpvxvida1xpf7pvnsp6vnawvqpbmdwlw0";
|
||||
}.${system};
|
||||
|
||||
sourceRoot = {
|
||||
|
@ -27,7 +27,7 @@ in
|
|||
|
||||
# Please backport all compatible updates to the stable release.
|
||||
# This is important for the extension ecosystem.
|
||||
version = "1.46.1";
|
||||
version = "1.47.3";
|
||||
pname = "vscodium";
|
||||
|
||||
executableName = "codium";
|
||||
|
|
|
@ -11,11 +11,11 @@
|
|||
|
||||
stdenv.mkDerivation rec {
|
||||
pname = "drawio";
|
||||
version = "13.4.5";
|
||||
version = "13.5.1";
|
||||
|
||||
src = fetchurl {
|
||||
url = "https://github.com/jgraph/drawio-desktop/releases/download/v${version}/draw.io-x86_64-${version}.rpm";
|
||||
sha256 = "1vp5krgj0xzhkiidj658ij6j10d2p97l1nifx0nrqysblcz2km3g";
|
||||
sha256 = "00ggm867c5005qfm35qf8a94d87ln91irb1ir6012am2k5bn8c8p";
|
||||
};
|
||||
|
||||
nativeBuildInputs = [
|
||||
|
@ -88,6 +88,7 @@ stdenv.mkDerivation rec {
|
|||
description = "A desktop application for creating diagrams";
|
||||
homepage = "https://about.draw.io/";
|
||||
license = licenses.asl20;
|
||||
changelog = "https://github.com/jgraph/drawio-desktop/releases/tag/v${version}";
|
||||
maintainers = with maintainers; [ danieldk ];
|
||||
platforms = [ "x86_64-linux" ];
|
||||
};
|
||||
|
|
|
@ -13,14 +13,14 @@ let
|
|||
pythonPackages = python3Packages;
|
||||
in
|
||||
mkDerivation rec {
|
||||
version = "1.8";
|
||||
version = "1.9";
|
||||
pname = "renderdoc";
|
||||
|
||||
src = fetchFromGitHub {
|
||||
owner = "baldurk";
|
||||
repo = "renderdoc";
|
||||
rev = "v${version}";
|
||||
sha256 = "177j893abplj8wd8j4ava58m1mr7qq8fsffsq0w4hf5xgl5w8fq8";
|
||||
sha256 = "18nparkd435hdbm924jfdvmym7f3xd2fcy96jr4lrkl5rhj2sf85";
|
||||
};
|
||||
|
||||
buildInputs = [
|
||||
|
|
|
@ -6,13 +6,13 @@
|
|||
|
||||
stdenv.mkDerivation rec {
|
||||
pname = "clight";
|
||||
version = "4.0";
|
||||
version = "4.1";
|
||||
|
||||
src = fetchFromGitHub {
|
||||
owner = "FedeDP";
|
||||
repo = "Clight";
|
||||
rev = version;
|
||||
sha256 = "101fp9kwmfmfffpdvv41wf96kdjw0b16xk49g43w32a5wlr74zrq";
|
||||
sha256 = "1j7va217g1k8lxl3lly13js8myf0shjc6knalq8q6lakc6j1mkxx";
|
||||
};
|
||||
|
||||
# bash-completion.pc completionsdir=${bash-completion.out}
|
||||
|
|
|
@ -1,14 +1,14 @@
|
|||
{ stdenv, fetchFromGitHub, python3, installShellFiles }:
|
||||
|
||||
stdenv.mkDerivation rec {
|
||||
version = "1.8.1";
|
||||
version = "1.9";
|
||||
pname = "ddgr";
|
||||
|
||||
src = fetchFromGitHub {
|
||||
owner = "jarun";
|
||||
repo = "ddgr";
|
||||
rev = "v${version}";
|
||||
sha256 = "0668wzh1gqin0xscy3fly9hz370n2ny175f3kya9bsld0x0jkd5p";
|
||||
sha256 = "0qbdq7k0mmvkjp6qzz88n7vf29liqn6y5w4y39ldqdc8hzw5sld7";
|
||||
};
|
||||
|
||||
nativeBuildInputs = [ installShellFiles ];
|
||||
|
|
|
@ -6,13 +6,13 @@
|
|||
|
||||
stdenv.mkDerivation rec {
|
||||
pname = "dunst";
|
||||
version = "1.4.1";
|
||||
version = "1.5.0";
|
||||
|
||||
src = fetchFromGitHub {
|
||||
owner = "dunst-project";
|
||||
repo = "dunst";
|
||||
rev = "v${version}";
|
||||
sha256 = "0xjj1f2jr1ja5grj6wrx5jjz1sx5fpqnvkw7nqi4452j3nc4p4l2";
|
||||
sha256 = "0irwkqcgwkqaylcpvqgh25gn2ysbdm2kydipxfzcq1ddj9ns6f9c";
|
||||
};
|
||||
|
||||
nativeBuildInputs = [ perl pkgconfig which systemd makeWrapper ];
|
||||
|
|
|
@ -3,13 +3,13 @@
|
|||
|
||||
stdenv.mkDerivation rec {
|
||||
pname = "girara";
|
||||
version = "0.3.4";
|
||||
version = "0.3.5";
|
||||
|
||||
outputs = [ "out" "dev" ];
|
||||
|
||||
src = fetchurl {
|
||||
url = "https://git.pwmt.org/pwmt/${pname}/-/archive/${version}/${pname}-${version}.tar.gz";
|
||||
sha256 = "08zdsr4zwi49facsl5596l0g1xqqv2jk3sqk841gkxwawcggim44";
|
||||
sha256 = "1n3i960b458172mc3pkq7m9dn5qxry6fms3c3k06v27cjp5whsyf";
|
||||
};
|
||||
|
||||
nativeBuildInputs = [ meson ninja pkgconfig gettext check dbus xvfb_run ];
|
||||
|
|
|
@ -1,16 +1,14 @@
|
|||
{ stdenv, buildGoModule, fetchFromGitHub, libsass }:
|
||||
{ stdenv, buildGoModule, fetchFromGitHub }:
|
||||
|
||||
buildGoModule rec {
|
||||
pname = "hugo";
|
||||
version = "0.73.0";
|
||||
|
||||
buildInputs = [ libsass ];
|
||||
version = "0.74.3";
|
||||
|
||||
src = fetchFromGitHub {
|
||||
owner = "gohugoio";
|
||||
repo = pname;
|
||||
rev = "v${version}";
|
||||
sha256 = "0qhv8kdv5k1xfk6106lxvsz7f92k7w6wk05ngz7qxbkb6zkcnshw";
|
||||
sha256 = "0rikr4yrjvmrv8smvr8jdbcjqwf61y369wn875iywrj63pyr74r9";
|
||||
};
|
||||
|
||||
golibsass = fetchFromGitHub {
|
||||
|
@ -27,7 +25,7 @@ buildGoModule rec {
|
|||
'';
|
||||
});
|
||||
|
||||
vendorSha256 = "07dkmrldsxw59v6r4avj1gr4hsaxybhb14qv61hc777qix2kq9v1";
|
||||
vendorSha256 = "031k8bvca1pb1naw922vg5h95gnwp76dii1cjcs0b1qj93isdibk";
|
||||
|
||||
buildFlags = [ "-tags" "extended" ];
|
||||
|
||||
|
|
|
@ -2,11 +2,11 @@
|
|||
|
||||
stdenv.mkDerivation rec {
|
||||
pname = "pdfsam-basic";
|
||||
version = "4.1.3";
|
||||
version = "4.1.4";
|
||||
|
||||
src = fetchurl {
|
||||
url = "https://github.com/torakiki/pdfsam/releases/download/v${version}/pdfsam_${version}-1_amd64.deb";
|
||||
sha256 = "1rhv6mf6pr9aaa8516i3b7v6h622qb1p8c4jsy3j0s5wrdry5l9l";
|
||||
sha256 = "1gw3cmc8c1xxc55bm71v1dz9x9560lbhx9nkwprarhxlmn0m0zzp";
|
||||
};
|
||||
|
||||
unpackPhase = ''
|
||||
|
|
|
@ -75,7 +75,7 @@ stdenv.mkDerivation rec {
|
|||
description = "Share one mouse and keyboard between multiple computers";
|
||||
homepage = "http://synergy-project.org/";
|
||||
license = licenses.gpl2;
|
||||
maintainers = with maintainers; [ aszlig enzime ];
|
||||
maintainers = with maintainers; [ enzime ];
|
||||
platforms = platforms.all;
|
||||
};
|
||||
}
|
||||
|
|
|
@ -2,7 +2,7 @@
|
|||
|
||||
buildGoPackage rec {
|
||||
pname = "tut";
|
||||
version = "0.0.13";
|
||||
version = "0.0.14";
|
||||
|
||||
goPackagePath = "github.com/RasmusLindroth/tut";
|
||||
goDeps = ./deps.nix;
|
||||
|
@ -11,7 +11,7 @@ buildGoPackage rec {
|
|||
owner = "RasmusLindroth";
|
||||
repo = pname;
|
||||
rev = version;
|
||||
sha256 = "085qiv9q2hzv1v6qmbddra23acsmmkbwmjqc3cp81gfgl893z7sm";
|
||||
sha256 = "1l7lc6cjx97v9zhc0b6lfzqjmyv1i3qj83drkck36if3mc60vvwi";
|
||||
};
|
||||
|
||||
meta = with stdenv.lib; {
|
||||
|
|
|
@ -2,7 +2,7 @@
|
|||
|
||||
let
|
||||
pname = "Sylk";
|
||||
version = "2.7.2";
|
||||
version = "2.8.0";
|
||||
in
|
||||
|
||||
appimageTools.wrapType2 rec {
|
||||
|
@ -10,7 +10,7 @@ appimageTools.wrapType2 rec {
|
|||
|
||||
src = fetchurl {
|
||||
url = "http://download.ag-projects.com/Sylk/Sylk-${version}-x86_64.AppImage";
|
||||
sha256 = "1hz41jan8hw56ahpaajlb1yy5zjkyxrclzmqhklm5x59b76pd0zx";
|
||||
hash = "sha256:09j1kijs31yk3iw2lj7szv1nwkqiqydj3zkkmr49qlib1qj717wh";
|
||||
};
|
||||
|
||||
profile = ''
|
||||
|
|
|
@ -90,5 +90,6 @@ mkChromiumDerivation (base: rec {
|
|||
platforms = platforms.linux;
|
||||
hydraPlatforms = if channel == "stable" then ["aarch64-linux" "x86_64-linux"] else [];
|
||||
timeout = 172800; # 48 hours
|
||||
broken = channel == "dev"; # Requires LLVM 11
|
||||
};
|
||||
})
|
||||
|
|
|
@ -44,7 +44,7 @@ let
|
|||
sha256 = "00y2d35wvqmx9glaqhfb62wdgbfpwr77v0934nnvh9ks71vnsjqy";
|
||||
};
|
||||
});
|
||||
} // lib.optionalAttrs (channel == "dev") {
|
||||
} // lib.optionalAttrs (channel == "beta") {
|
||||
gnChromium = gn.overrideAttrs (oldAttrs: {
|
||||
version = "2020-05-19";
|
||||
src = fetchgit {
|
||||
|
@ -53,6 +53,15 @@ let
|
|||
sha256 = "0197msabskgfbxvhzq73gc3wlr3n9cr4bzrhy5z5irbvy05lxk17";
|
||||
};
|
||||
});
|
||||
} // lib.optionalAttrs (channel == "dev") {
|
||||
gnChromium = gn.overrideAttrs (oldAttrs: {
|
||||
version = "2020-07-20";
|
||||
src = fetchgit {
|
||||
url = "https://gn.googlesource.com/gn";
|
||||
rev = "3028c6a426a4aaf6da91c4ebafe716ae370225fe";
|
||||
sha256 = "0h3wf4152zdvrbb0jbj49q6814lfl3rcy5mj8b2pl9s0ahvkbc6q";
|
||||
};
|
||||
});
|
||||
});
|
||||
|
||||
browser = callPackage ./browser.nix { inherit channel enableWideVine; };
|
||||
|
|
|
@ -1,18 +1,18 @@
|
|||
# This file is autogenerated from update.sh in the same directory.
|
||||
{
|
||||
beta = {
|
||||
sha256 = "0yf6j0459qzr677zsa2apmfz0x0ndlscvwj1a5v40nqjijchv5qp";
|
||||
sha256bin64 = "017ix9a74f2gzlg6in0x6fqgiw8bpk0rypr6wsqqkslywprypjd0";
|
||||
version = "84.0.4147.89";
|
||||
sha256 = "06cl77yi7cb6r7n8mn38d61zmgwxi690qxrkd56hg2773hn06wq5";
|
||||
sha256bin64 = "0a6c44qb0n2hdc42p5xqybnbhgdxd51lyygkqz42fmym6id65v88";
|
||||
version = "85.0.4183.39";
|
||||
};
|
||||
dev = {
|
||||
sha256 = "1dbbr7s8vbhxd0sk4k2yqp630zp1r4gzkkd2a86pzlzq2mjhsk8a";
|
||||
sha256bin64 = "0bphfwi6nkj9nzrjjaffiv27xfblgdikyifsbjl6vv2pawkh335q";
|
||||
version = "85.0.4183.15";
|
||||
sha256 = "1l2d3gk7si1djxn3901fjgykv7nzc8g970m3fb9pjflfrr8f17v6";
|
||||
sha256bin64 = "0flsmy5blrc9gs6cikag7mdlvgkm6mzm745kcq0shfmhanvlkykn";
|
||||
version = "86.0.4209.2";
|
||||
};
|
||||
stable = {
|
||||
sha256 = "0yf6j0459qzr677zsa2apmfz0x0ndlscvwj1a5v40nqjijchv5qp";
|
||||
sha256bin64 = "1hzhgvs2ykqsncpnbnhzh09sw1vlsdfjhs06z5gc80l47brdi3wz";
|
||||
version = "84.0.4147.89";
|
||||
sha256 = "1b6cqnwx76pp4y5hvz3qm8lm1ayaxr5578k76164acr35bmypx6a";
|
||||
sha256bin64 = "0znxq5ncyvyysx3p8xikzg8jm8jr51k478y29m985x6c5p5a4zyw";
|
||||
version = "84.0.4147.105";
|
||||
};
|
||||
}
|
||||
|
|
|
@ -51,7 +51,7 @@
|
|||
# https://github.com/NixOS/nixpkgs/issues/31843#issuecomment-346372756 we
|
||||
# have permission to use the official firefox branding.
|
||||
#
|
||||
# Fur purposes of documentation the statement of @sylvestre:
|
||||
# For purposes of documentation the statement of @sylvestre:
|
||||
# > As the person who did part of the work described in the LWN article
|
||||
# > and release manager working for Mozilla, I can confirm the statement
|
||||
# > that I made in
|
||||
|
|
|
@ -27,6 +27,7 @@ let
|
|||
, nameSuffix ? ""
|
||||
, icon ? browserName
|
||||
, extraNativeMessagingHosts ? []
|
||||
, pkcs11Modules ? []
|
||||
, forceWayland ? false
|
||||
, useGlvnd ? true
|
||||
, cfg ? config.${browserName} or {}
|
||||
|
@ -74,7 +75,8 @@ let
|
|||
++ lib.optionals (cfg.enableQuakeLive or false)
|
||||
(with xorg; [ stdenv.cc libX11 libXxf86dga libXxf86vm libXext libXt alsaLib zlib ])
|
||||
++ lib.optional (enableAdobeFlash && (cfg.enableAdobeFlashDRM or false)) hal-flash
|
||||
++ lib.optional (config.pulseaudio or true) libpulseaudio;
|
||||
++ lib.optional (config.pulseaudio or true) libpulseaudio
|
||||
++ pkcs11Modules;
|
||||
gtk_modules = [ libcanberra-gtk2 ];
|
||||
|
||||
in stdenv.mkDerivation {
|
||||
|
@ -154,6 +156,11 @@ let
|
|||
ln -sLt $out/lib/mozilla/native-messaging-hosts $ext/lib/mozilla/native-messaging-hosts/*
|
||||
done
|
||||
|
||||
mkdir -p $out/lib/mozilla/pkcs11-modules
|
||||
for ext in ${toString pkcs11Modules}; do
|
||||
ln -sLt $out/lib/mozilla/pkcs11-modules $ext/lib/mozilla/pkcs11-modules/*
|
||||
done
|
||||
|
||||
# For manpages, in case the program supplies them
|
||||
mkdir -p $out/nix-support
|
||||
echo ${browser} > $out/nix-support/propagated-user-env-packages
|
||||
|
|
|
@ -2,8 +2,9 @@
|
|||
, mkDerivationWith, wrapQtAppsHook, wrapGAppsHook, qtbase, glib-networking
|
||||
, asciidoc, docbook_xml_dtd_45, docbook_xsl, libxml2
|
||||
, libxslt, gst_all_1 ? null
|
||||
, withPdfReader ? true
|
||||
, withMediaPlayback ? true
|
||||
, withPdfReader ? true
|
||||
, withMediaPlayback ? true
|
||||
, backend ? "webengine"
|
||||
}:
|
||||
|
||||
assert withMediaPlayback -> gst_all_1 != null;
|
||||
|
@ -19,6 +20,14 @@ let
|
|||
stripRoot = false;
|
||||
};
|
||||
|
||||
backendPackage =
|
||||
if backend == "webengine" then python3Packages.pyqtwebengine else
|
||||
if backend == "webkit" then python3Packages.pyqt5_with_qtwebkit else
|
||||
throw ''
|
||||
Unknown qutebrowser backend "${backend}".
|
||||
Valid choices are qtwebengine (recommended) or qtwebkit.
|
||||
'';
|
||||
|
||||
in mkDerivationWith python3Packages.buildPythonApplication rec {
|
||||
pname = "qutebrowser";
|
||||
version = "1.13.0";
|
||||
|
@ -46,16 +55,14 @@ in mkDerivationWith python3Packages.buildPythonApplication rec {
|
|||
];
|
||||
|
||||
propagatedBuildInputs = with python3Packages; [
|
||||
pyyaml pyqt5 pyqtwebengine jinja2 pygments
|
||||
pyyaml backendPackage jinja2 pygments
|
||||
pypeg2 cssutils pyopengl attrs setuptools
|
||||
# scripts and userscripts libs
|
||||
tldextract beautifulsoup4
|
||||
pyreadability pykeepass stem
|
||||
];
|
||||
|
||||
patches = [
|
||||
./fix-restart.patch
|
||||
];
|
||||
patches = [ ./fix-restart.patch ];
|
||||
|
||||
dontWrapGApps = true;
|
||||
dontWrapQtApps = true;
|
||||
|
@ -101,7 +108,8 @@ in mkDerivationWith python3Packages.buildPythonApplication rec {
|
|||
postFixup = ''
|
||||
wrapProgram $out/bin/qutebrowser \
|
||||
"''${gappsWrapperArgs[@]}" \
|
||||
"''${qtWrapperArgs[@]}"
|
||||
"''${qtWrapperArgs[@]}" \
|
||||
--add-flags '--backend ${backend}'
|
||||
'';
|
||||
|
||||
meta = with stdenv.lib; {
|
||||
|
|
|
@ -46,7 +46,8 @@
|
|||
|
||||
# Hardening
|
||||
, graphene-hardened-malloc
|
||||
, useHardenedMalloc ? graphene-hardened-malloc != null && builtins.elem stdenv.system graphene-hardened-malloc.meta.platforms
|
||||
# crashes with intel driver
|
||||
, useHardenedMalloc ? false
|
||||
|
||||
# Whether to disable multiprocess support to work around crashing tabs
|
||||
# TODO: fix the underlying problem instead of this terrible work-around
|
||||
|
|
|
@ -4,7 +4,7 @@
|
|||
, bzip2, flac, speex, libopus
|
||||
, libevent, expat, libjpeg, snappy
|
||||
, libpng, libcap
|
||||
, xdg_utils, yasm, minizip, libwebp
|
||||
, xdg_utils, yasm, nasm, minizip, libwebp
|
||||
, libusb1, pciutils, nss, re2, zlib
|
||||
|
||||
, python2Packages, perl, pkgconfig
|
||||
|
@ -13,10 +13,12 @@
|
|||
, bison, gperf
|
||||
, glib, gtk3, dbus-glib
|
||||
, glibc
|
||||
, xorg
|
||||
, libXScrnSaver, libXcursor, libXtst, libGLU, libGL
|
||||
, protobuf, speechd, libXdamage, cups
|
||||
, ffmpeg_3, libxslt, libxml2, at-spi2-core
|
||||
, jre
|
||||
, pipewire_0_2
|
||||
|
||||
# optional dependencies
|
||||
, libgcrypt ? null # gnomeSupport || cupsSupport
|
||||
|
@ -74,7 +76,7 @@ let
|
|||
in attrs: concatStringsSep " " (attrValues (mapAttrs toFlag attrs));
|
||||
|
||||
gnSystemLibraries = [
|
||||
"flac" "libwebp" "libxslt" "yasm" "opus" "snappy" "libpng"
|
||||
"flac" "libwebp" "libxslt" "opus" "snappy" "libpng"
|
||||
# "zlib" # version 77 reports unresolved dependency on //third_party/zlib:zlib_config
|
||||
# "libjpeg" # fails with multiple undefined references to chromium_jpeg_*
|
||||
# "re2" # fails with linker errors
|
||||
|
@ -91,9 +93,10 @@ let
|
|||
bzip2 flac speex opusWithCustomModes
|
||||
libevent expat libjpeg snappy
|
||||
libpng libcap
|
||||
xdg_utils yasm minizip libwebp
|
||||
xdg_utils minizip libwebp
|
||||
libusb1 re2 zlib
|
||||
ffmpeg_3 libxslt libxml2
|
||||
nasm
|
||||
# harfbuzz # in versions over 63 harfbuzz and freetype are being built together
|
||||
# so we can't build with one from system and other from source
|
||||
];
|
||||
|
@ -128,8 +131,9 @@ let
|
|||
nativeBuildInputs = [
|
||||
ninja which python2Packages.python perl pkgconfig
|
||||
python2Packages.ply python2Packages.jinja2 nodejs
|
||||
gnutar
|
||||
] ++ optional (versionAtLeast version "83") python2Packages.setuptools;
|
||||
gnutar python2Packages.setuptools
|
||||
(xorg.xcbproto.override { python = python2Packages.python; })
|
||||
];
|
||||
|
||||
buildInputs = defaultDependencies ++ [
|
||||
nspr nss systemd
|
||||
|
@ -139,6 +143,7 @@ let
|
|||
libXScrnSaver libXcursor libXtst libGLU libGL
|
||||
pciutils protobuf speechd libXdamage at-spi2-core
|
||||
jre
|
||||
pipewire_0_2
|
||||
] ++ optional useVaapi libva
|
||||
++ optional gnomeKeyringSupport libgnome-keyring3
|
||||
++ optionals gnomeSupport [ gnome.GConf libgcrypt ]
|
||||
|
@ -161,13 +166,10 @@ let
|
|||
#
|
||||
# ++ optionals (channel == "dev") [ ( githubPatch "<patch>" "0000000000000000000000000000000000000000000000000000000000000000" ) ]
|
||||
# ++ optional (versionRange "68" "72") ( githubPatch "<patch>" "0000000000000000000000000000000000000000000000000000000000000000" )
|
||||
] ++ optionals (useVaapi) ([ # Fixes for the VA-API build:
|
||||
] ++ optionals (useVaapi) [ # Improvements for the VA-API build:
|
||||
./patches/enable-vdpau-support-for-nvidia.patch # https://aur.archlinux.org/cgit/aur.git/tree/vdpau-support.patch?h=chromium-vaapi
|
||||
./patches/enable-video-acceleration-on-linux.patch # Can be controlled at runtime (i.e. without rebuilding Chromium)
|
||||
] ++ optionals (versionRange "81" "82") [
|
||||
(githubPatch "5b2ff215473e0526b5b24aeff4ad90d369b21c75" "0n00vh8wfpn2ay5fqsxcsx0zadnv7mihm72bcvnrfzh75nzbg902")
|
||||
(githubPatch "98e343ab369e4262511b5fce547728e3e5eefba8" "00wwp653jk0k0yvix00vr7ymgck9dj7fxjwx4nc67ynn84dh6064")
|
||||
]);
|
||||
];
|
||||
|
||||
postPatch = ''
|
||||
# We want to be able to specify where the sandbox is via CHROME_DEVEL_SANDBOX
|
||||
|
@ -187,6 +189,11 @@ let
|
|||
'/usr/share/locale/' \
|
||||
'${glibc}/share/locale/'
|
||||
|
||||
substituteInPlace ui/gfx/x/BUILD.gn \
|
||||
--replace \
|
||||
'/usr/share/xcb' \
|
||||
'${xorg.xcbproto}/share/xcb/'
|
||||
|
||||
sed -i -e 's@"\(#!\)\?.*xdg-@"\1${xdg_utils}/bin/xdg-@' \
|
||||
chrome/browser/shell_integration_linux.cc
|
||||
|
||||
|
@ -239,7 +246,6 @@ let
|
|||
'';
|
||||
|
||||
gnFlags = mkGnFlags ({
|
||||
linux_use_bundled_binutils = false;
|
||||
use_lld = false;
|
||||
use_gold = true;
|
||||
gold_path = "${stdenv.cc}/bin";
|
||||
|
@ -257,6 +263,8 @@ let
|
|||
# added later in the wrapped -wv build or downloaded from Google.
|
||||
enable_widevine = true;
|
||||
use_cups = cupsSupport;
|
||||
# Provides the enable-webrtc-pipewire-capturer flag to support Wayland screen capture.
|
||||
rtc_use_pipewire = true;
|
||||
|
||||
treat_warnings_as_errors = false;
|
||||
is_clang = stdenv.cc.isClang;
|
||||
|
|
|
@ -1,7 +1,8 @@
|
|||
{ newScope, config, stdenv, llvmPackages_9, llvmPackages_10
|
||||
, makeWrapper, ed
|
||||
, makeWrapper, ed, gnugrep
|
||||
, glib, gtk3, gnome3, gsettings-desktop-schemas, gn, fetchgit
|
||||
, libva ? null
|
||||
, pipewire_0_2
|
||||
, gcc, nspr, nss, runCommand
|
||||
, lib
|
||||
|
||||
|
@ -23,9 +24,7 @@
|
|||
}:
|
||||
|
||||
let
|
||||
llvmPackages = if channel != "stable"
|
||||
then llvmPackages_10
|
||||
else llvmPackages_9;
|
||||
llvmPackages = llvmPackages_10;
|
||||
stdenv = llvmPackages.stdenv;
|
||||
|
||||
callPackage = newScope chromium;
|
||||
|
@ -38,8 +37,6 @@ let
|
|||
mkChromiumDerivation = callPackage ./common.nix ({
|
||||
inherit gnome gnomeSupport gnomeKeyringSupport proprietaryCodecs cupsSupport pulseSupport useOzone;
|
||||
inherit ungoogled;
|
||||
gnChromium = gn;
|
||||
} // lib.optionalAttrs (channel != "stable") {
|
||||
# TODO: Remove after we can update gn for the stable channel (backward incompatible changes):
|
||||
gnChromium = gn.overrideAttrs (oldAttrs: {
|
||||
version = "2020-03-23";
|
||||
|
@ -49,6 +46,15 @@ let
|
|||
sha256 = "00y2d35wvqmx9glaqhfb62wdgbfpwr77v0934nnvh9ks71vnsjqy";
|
||||
};
|
||||
});
|
||||
} // lib.optionalAttrs (channel == "dev") {
|
||||
gnChromium = gn.overrideAttrs (oldAttrs: {
|
||||
version = "2020-05-19";
|
||||
src = fetchgit {
|
||||
url = "https://gn.googlesource.com/gn";
|
||||
rev = "d0a6f072070988e7b038496c4e7d6c562b649732";
|
||||
sha256 = "0197msabskgfbxvhzq73gc3wlr3n9cr4bzrhy5z5irbvy05lxk17";
|
||||
};
|
||||
});
|
||||
});
|
||||
|
||||
browser = callPackage ./browser.nix { inherit channel enableWideVine; };
|
||||
|
@ -140,7 +146,7 @@ let
|
|||
(!enableVaapi)
|
||||
"--add-flags --disable-accelerated-video-decode --add-flags --disable-accelerated-video-encode";
|
||||
in stdenv.mkDerivation {
|
||||
name = "chromium${suffix}-${version}";
|
||||
name = "ungoogled-chromium${suffix}-${version}";
|
||||
inherit version;
|
||||
|
||||
buildInputs = [
|
||||
|
@ -158,7 +164,7 @@ in stdenv.mkDerivation {
|
|||
buildCommand = let
|
||||
browserBinary = "${chromiumWV}/libexec/chromium/chromium";
|
||||
getWrapperFlags = plugin: "$(< \"${plugin}/nix-support/wrapper-flags\")";
|
||||
libPath = stdenv.lib.makeLibraryPath [ libva ];
|
||||
libPath = stdenv.lib.makeLibraryPath [ libva pipewire_0_2 ];
|
||||
|
||||
in with stdenv.lib; ''
|
||||
mkdir -p "$out/bin"
|
||||
|
@ -185,7 +191,7 @@ in stdenv.mkDerivation {
|
|||
'' + ''
|
||||
|
||||
# libredirect causes chromium to deadlock on startup
|
||||
export LD_PRELOAD="\$(echo -n "\$LD_PRELOAD" | tr ':' '\n' | grep -v /lib/libredirect\\\\.so$ | tr '\n' ':')"
|
||||
export LD_PRELOAD="\$(echo -n "\$LD_PRELOAD" | tr ':' '\n' | ${gnugrep}/bin/grep -v /lib/libredirect\\\\.so$ | tr '\n' ':')"
|
||||
|
||||
export XDG_DATA_DIRS=$XDG_ICON_DIRS:$GSETTINGS_SCHEMAS_PATH\''${XDG_DATA_DIRS:+:}\$XDG_DATA_DIRS
|
||||
|
||||
|
|
|
@ -31,15 +31,6 @@
|
|||
// TODO(crbug.com/912295): Enable a better BufferAllocationMode for IMPORT
|
||||
// |output_mode_| as well.
|
||||
if (output_mode_ == VideoDecodeAccelerator::Config::OutputMode::IMPORT)
|
||||
@@ -1105,7 +1113,7 @@ VaapiVideoDecodeAccelerator::DecideBufferAllocationMode() {
|
||||
// depends on the bitstream and sometimes it's not enough to cover the amount
|
||||
// of frames needed by the client pipeline (see b/133733739).
|
||||
// TODO(crbug.com/911754): Enable for VP9 Profile 2.
|
||||
- if (IsGeminiLakeOrLater() &&
|
||||
+ if (false && IsGeminiLakeOrLater() &&
|
||||
(profile_ == VP9PROFILE_PROFILE0 || profile_ == VP8PROFILE_ANY)) {
|
||||
// Add one to the reference frames for the one being currently egressed, and
|
||||
// an extra allocation for both |client_| and |decoder_|, see
|
||||
--- a/media/gpu/vaapi/vaapi_video_decode_accelerator.h
|
||||
+++ b/media/gpu/vaapi/vaapi_video_decode_accelerator.h
|
||||
@@ -204,6 +204,7 @@ class MEDIA_GPU_EXPORT VaapiVideoDecodeAccelerator
|
||||
|
|
|
@ -44,11 +44,11 @@ let
|
|||
|
||||
flash = stdenv.mkDerivation rec {
|
||||
pname = "flashplayer-ppapi";
|
||||
version = "32.0.0.371";
|
||||
version = "32.0.0.403";
|
||||
|
||||
src = fetchzip {
|
||||
url = "https://fpdownload.adobe.com/pub/flashplayer/pdc/${version}/flash_player_ppapi_linux.x86_64.tar.gz";
|
||||
sha256 = "1nks2wx74b21hv0l7bnrzkxn7c6p6r8zgwbqvy3cqpi8famyr5v9";
|
||||
sha256 = "1xirngiqypylgm8f3ddvny2ghqxgj8i98bm1carcj2vryw53wwal";
|
||||
stripRoot = false;
|
||||
};
|
||||
|
||||
|
|
|
@ -1,6 +1,6 @@
|
|||
{
|
||||
"81.0.4044.138" = {
|
||||
rev = "81.0.4044.138-1";
|
||||
sha256 = "1qa5lw2psaqxr2zklaldx4sm6by4gsw3mfrp01ijc4kkp9jmvg7r";
|
||||
"84.0.4147.89" = {
|
||||
rev = "84.0.4147.89-1";
|
||||
sha256 = "1bqvcq3dj6615198j7cz3ylyyic5zpis06capvl6ybl1na3ainb0";
|
||||
};
|
||||
}
|
||||
|
|
|
@ -1,18 +1,18 @@
|
|||
# This file is autogenerated from update.sh in the same directory.
|
||||
{
|
||||
beta = {
|
||||
sha256 = "0z9p4v5mkinf7hbdagh4bz6ymqjxg3df3wjpvm201ilzzngmjqz1";
|
||||
sha256bin64 = "1srvlirhnynh0q2a17p8z13p7r54z0cchh1d1h07hqljnwmsf8qj";
|
||||
version = "83.0.4103.34";
|
||||
sha256 = "0yf6j0459qzr677zsa2apmfz0x0ndlscvwj1a5v40nqjijchv5qp";
|
||||
sha256bin64 = "017ix9a74f2gzlg6in0x6fqgiw8bpk0rypr6wsqqkslywprypjd0";
|
||||
version = "84.0.4147.89";
|
||||
};
|
||||
dev = {
|
||||
sha256 = "178fc112bsbrgj2hss78y8rhnz8hl85fr33gawk9fz88zk5qz7xd";
|
||||
sha256bin64 = "06qra245l2bbgxc3k04aabkgq1qnzybnrjhrjb25vriv31ji36b1";
|
||||
version = "84.0.4128.3";
|
||||
sha256 = "1dbbr7s8vbhxd0sk4k2yqp630zp1r4gzkkd2a86pzlzq2mjhsk8a";
|
||||
sha256bin64 = "0bphfwi6nkj9nzrjjaffiv27xfblgdikyifsbjl6vv2pawkh335q";
|
||||
version = "85.0.4183.15";
|
||||
};
|
||||
stable = {
|
||||
sha256 = "19kpzmqmld0m0nflx13w9flxfal19msnxhzl3lip1jqih65z4y7l";
|
||||
sha256bin64 = "0sl4wv7npc3rhi7jgn679hi7j5ykzwpx5dahy78h87yfg4fx84wx";
|
||||
version = "81.0.4044.138";
|
||||
sha256 = "0yf6j0459qzr677zsa2apmfz0x0ndlscvwj1a5v40nqjijchv5qp";
|
||||
sha256bin64 = "1hzhgvs2ykqsncpnbnhzh09sw1vlsdfjhs06z5gc80l47brdi3wz";
|
||||
version = "84.0.4147.89";
|
||||
};
|
||||
}
|
||||
|
|
|
@ -19,13 +19,13 @@ let
|
|||
in
|
||||
buildGoModule rec {
|
||||
pname = "argo";
|
||||
version = "2.9.3";
|
||||
version = "2.9.4";
|
||||
|
||||
src = fetchFromGitHub {
|
||||
owner = "argoproj";
|
||||
repo = "argo";
|
||||
rev = "v${version}";
|
||||
sha256 = "1nflzcp8h4kc4986ah2ixws1rpndz1z225jqwfbiyr3yky3him4n";
|
||||
sha256 = "156102xqwmsq3g9jammfib0ri22a0nzk96zrv5774gidjvy2xb55";
|
||||
};
|
||||
|
||||
vendorSha256 = "1vqmzz76lcwwnw89n4lyg4jjf7wbdgn9sdzwsgrjwkj8ax7d48cv";
|
||||
|
|
|
@ -1,24 +1,33 @@
|
|||
{ stdenv, buildGoModule, fetchFromGitHub }:
|
||||
{ stdenv, buildGoModule, fetchFromGitHub, installShellFiles }:
|
||||
|
||||
buildGoModule rec {
|
||||
pname = "kube3d";
|
||||
version = "1.7.0";
|
||||
k3sVersion = "1.17.3-k3s1";
|
||||
version = "3.0.0";
|
||||
k3sVersion = "1.18.6-k3s1";
|
||||
|
||||
goPackagePath = "github.com/rancher/k3d";
|
||||
excludedPackages = ''tools'';
|
||||
|
||||
src = fetchFromGitHub {
|
||||
owner = "rancher";
|
||||
repo = "k3d";
|
||||
rev = "v${version}";
|
||||
sha256 = "0aij2l7zmg4cxbw7pwf7ddc64di25hpjvbmp1madhz9q28rwfa9w";
|
||||
sha256 = "1p4rqzi67cr8vf1ih7zqxkpssqq0vy4pb5crvkxbbf5ad5mwrjri";
|
||||
};
|
||||
|
||||
buildFlagsArray = ''
|
||||
-ldflags=
|
||||
-w -s
|
||||
-X github.com/rancher/k3d/version.Version=${version}
|
||||
-X github.com/rancher/k3d/version.K3sVersion=v${k3sVersion}
|
||||
-X github.com/rancher/k3d/v3/version.Version=v${version}
|
||||
-X github.com/rancher/k3d/v3/version.K3sVersion=v${k3sVersion}
|
||||
'';
|
||||
|
||||
nativeBuildInputs = [ installShellFiles ];
|
||||
postInstall = ''
|
||||
for shell in bash zsh; do
|
||||
$out/bin/k3d completion $shell > k3d.$shell
|
||||
installShellCompletion k3d.$shell
|
||||
done
|
||||
'';
|
||||
|
||||
vendorSha256 = null;
|
||||
|
|
|
@ -2,11 +2,11 @@
|
|||
|
||||
python3Packages.buildPythonApplication rec {
|
||||
pname = "luigi";
|
||||
version = "3.0.0";
|
||||
version = "3.0.1";
|
||||
|
||||
src = python3Packages.fetchPypi {
|
||||
inherit pname version;
|
||||
sha256 = "1km9fnq4pf0iqqcmz94idm0zb3l92zinz0bn6ip86xqhchafd4vf";
|
||||
sha256 = "02c480f5pjgqsvqnkaw7f6n4nhdspmhq5w7lw8sgg2v3jghg8n7i";
|
||||
};
|
||||
|
||||
propagatedBuildInputs = with python3Packages; [ dateutil tornado_4 python-daemon boto3 ];
|
||||
|
|
|
@ -0,0 +1,56 @@
|
|||
{ lib
|
||||
, GitPython
|
||||
, buildPythonApplication
|
||||
, emoji
|
||||
, fetchFromGitHub
|
||||
, filetype
|
||||
, ipython
|
||||
, junit-xml
|
||||
, lxml
|
||||
, mock
|
||||
, netaddr
|
||||
, pytestCheckHook
|
||||
, python3Packages
|
||||
, radish-bdd
|
||||
, semver
|
||||
}:
|
||||
|
||||
buildPythonApplication rec {
|
||||
pname = "terraform-compliance";
|
||||
version = "1.2.11";
|
||||
|
||||
# No tests in Pypi package
|
||||
src = fetchFromGitHub {
|
||||
owner = "eerkunt";
|
||||
repo = pname;
|
||||
rev = version;
|
||||
sha256 = "161mszmxqp3wypnda48ama2mmq8yjilkxahwc1mxjwzy1n19sn7v";
|
||||
};
|
||||
|
||||
checkInputs = [ pytestCheckHook ];
|
||||
|
||||
disabledTests = [
|
||||
"test_which_success"
|
||||
"test_readable_plan_file_is_not_json"
|
||||
];
|
||||
|
||||
propagatedBuildInputs = [
|
||||
GitPython
|
||||
emoji
|
||||
filetype
|
||||
ipython
|
||||
junit-xml
|
||||
lxml
|
||||
mock
|
||||
netaddr
|
||||
radish-bdd
|
||||
semver
|
||||
];
|
||||
|
||||
meta = with lib; {
|
||||
description = "BDD test framework for terraform";
|
||||
homepage = https://github.com/eerkunt/terraform-compliance;
|
||||
license = licenses.mit;
|
||||
maintainers = with maintainers; [ kalbasit ];
|
||||
};
|
||||
}
|
|
@ -48,6 +48,7 @@ let
|
|||
kalbasit
|
||||
marsam
|
||||
babariviere
|
||||
Chili-Man
|
||||
];
|
||||
};
|
||||
} // attrs');
|
||||
|
@ -118,8 +119,8 @@ in rec {
|
|||
terraform_0_11-full = terraform_0_11.full;
|
||||
|
||||
terraform_0_12 = pluggable (generic {
|
||||
version = "0.12.28";
|
||||
sha256 = "05ymr6vc0sqh1sia0qawhz0mag8jdrq157mbj9bkdpsnlyv209p3";
|
||||
version = "0.12.29";
|
||||
sha256 = "18i7vkvnvfybwzhww8d84cyh93xfbwswcnwfrgvcny1qwm8rsaj8";
|
||||
patches = [
|
||||
./provider-path.patch
|
||||
(fetchpatch {
|
||||
|
@ -131,8 +132,8 @@ in rec {
|
|||
});
|
||||
|
||||
terraform_0_13 = pluggable (generic {
|
||||
version = "0.13.0-beta3";
|
||||
sha256 = "199rrw0kjp9qwa8llwmihgnqrgs4vr0zrbik5w5bfkrldyqp2ynb";
|
||||
version = "0.13.0-rc1";
|
||||
sha256 = "1lja2s9viz5ja40qmlf49p6hk3rwdz6q0rw3ff1894b464zbsnk2";
|
||||
patches = [ ./provider-path.patch ];
|
||||
passthru = { inherit plugins; };
|
||||
});
|
||||
|
|
File diff suppressed because it is too large
Load diff
|
@ -1,37 +1,34 @@
|
|||
{ lib
|
||||
, rustPlatform
|
||||
, fetchFromGitLab
|
||||
, gdk-pixbuf
|
||||
, glib
|
||||
, meson
|
||||
, ninja
|
||||
, pkg-config
|
||||
, wrapGAppsHook
|
||||
, gsettings-desktop-schemas
|
||||
, gdk-pixbuf
|
||||
, glib
|
||||
, gtk3
|
||||
, libhandy
|
||||
, librsvg
|
||||
, openssl
|
||||
, sqlite
|
||||
, webkitgtk
|
||||
, glib-networking
|
||||
, librsvg
|
||||
, gst_all_1
|
||||
}:
|
||||
|
||||
rustPlatform.buildRustPackage rec {
|
||||
pname = "newsflash";
|
||||
version = "1.0.1";
|
||||
version = "1.0.2";
|
||||
|
||||
src = fetchFromGitLab {
|
||||
owner = "news-flash";
|
||||
repo = "news_flash_gtk";
|
||||
rev = version;
|
||||
sha256 = "1y2jj3z08m29s6ggl8q270mqnvdwibs0f2kxybqhi8mya5pyw902";
|
||||
sha256 = "17a8fd5rhs56qrqlfj9ckv45hwfcjhdb8j4cxlnvy7s770s225gd";
|
||||
};
|
||||
|
||||
cargoPatches = [
|
||||
./cargo.lock.patch
|
||||
];
|
||||
|
||||
cargoSha256 = "0z3nhzpyckga112wn32zzwwlpqdgi6n53n8nwgggixvpbnh98112";
|
||||
cargoSha256 = "1p0m7la59fn9r2rr26q9mfd1nvyvxb630qiwj96x91p77xv1i30i";
|
||||
|
||||
patches = [
|
||||
./no-post-install.patch
|
||||
|
@ -43,25 +40,37 @@ rustPlatform.buildRustPackage rec {
|
|||
'';
|
||||
|
||||
nativeBuildInputs = [
|
||||
gdk-pixbuf # provides setup hook to fix "Unrecognized image file format"
|
||||
glib # provides glib-compile-resources to compile gresources
|
||||
meson
|
||||
ninja
|
||||
pkg-config
|
||||
wrapGAppsHook
|
||||
|
||||
# Provides setup hook to fix "Unrecognized image file format"
|
||||
gdk-pixbuf
|
||||
|
||||
# Provides glib-compile-resources to compile gresources
|
||||
glib
|
||||
];
|
||||
|
||||
buildInputs = [
|
||||
gdk-pixbuf
|
||||
glib
|
||||
gsettings-desktop-schemas # used to get system default font in src/article_view/mod.rs
|
||||
gtk3
|
||||
libhandy
|
||||
librsvg # used by gdk-pixbuf & wrapGAppsHook setup hooks to fix "Unrecognized image file format"
|
||||
openssl
|
||||
sqlite
|
||||
webkitgtk
|
||||
];
|
||||
|
||||
# TLS support for loading external content in webkitgtk WebView
|
||||
glib-networking
|
||||
|
||||
# SVG support for gdk-pixbuf
|
||||
librsvg
|
||||
] ++ (with gst_all_1; [
|
||||
# Audio & video & support for webkitgtk WebView
|
||||
gstreamer
|
||||
gst-plugins-base
|
||||
gst-plugins-good
|
||||
gst-plugins-bad
|
||||
]);
|
||||
|
||||
# Unset default rust phases to use meson & ninja instead
|
||||
configurePhase = null;
|
||||
|
|
|
@ -1,8 +1,8 @@
|
|||
{
|
||||
"name": "element-desktop",
|
||||
"productName": "Element (Riot)",
|
||||
"productName": "Element",
|
||||
"main": "src/electron-main.js",
|
||||
"version": "1.7.1",
|
||||
"version": "1.7.2",
|
||||
"description": "A feature-rich client for Matrix.org",
|
||||
"author": "Element",
|
||||
"repository": {
|
||||
|
@ -42,13 +42,14 @@
|
|||
"electron-builder-squirrel-windows": "^22.7.0",
|
||||
"electron-devtools-installer": "^2.2.4",
|
||||
"electron-notarize": "^0.2.0",
|
||||
"eslint": "^5.8.0",
|
||||
"eslint": "7.3.1",
|
||||
"eslint-config-google": "^0.7.1",
|
||||
"eslint-config-matrix-org": "^0.1.2",
|
||||
"eslint-plugin-babel": "^4.1.2",
|
||||
"find-npm-prefix": "^1.0.2",
|
||||
"fs-extra": "^8.1.0",
|
||||
"glob": "^7.1.6",
|
||||
"matrix-js-sdk": "7.1.0",
|
||||
"matrix-js-sdk": "8.0.0",
|
||||
"mkdirp": "^1.0.3",
|
||||
"needle": "^2.5.0",
|
||||
"node-pre-gyp": "^0.15.0",
|
||||
|
|
File diff suppressed because it is too large
Load diff
|
@ -8,12 +8,12 @@
|
|||
|
||||
let
|
||||
executableName = "element-desktop";
|
||||
version = "1.7.1";
|
||||
version = "1.7.2";
|
||||
src = fetchFromGitHub {
|
||||
owner = "vector-im";
|
||||
repo = "riot-desktop";
|
||||
rev = "v${version}";
|
||||
sha256 = "0sl45mxgp0sngxnba8ilsghzgv6cv36ggah1k2204ggzby13blg6";
|
||||
sha256 = "1b3ckmqbhbkfghlkckb3ixr4i2pzdisz6pi929q5qj91f3ihxv4x";
|
||||
};
|
||||
electron = electron_9;
|
||||
|
||||
|
|
|
@ -12,11 +12,11 @@ let
|
|||
|
||||
in stdenv.mkDerivation rec {
|
||||
pname = "element-web";
|
||||
version = "1.7.1";
|
||||
version = "1.7.2";
|
||||
|
||||
src = fetchurl {
|
||||
url = "https://github.com/vector-im/riot-web/releases/download/v${version}/riot-v${version}.tar.gz";
|
||||
sha256 = "1axmf5h0k709kbpgh3ldsf6f8k9n2q623pk4j0nrshlxa9ighsay";
|
||||
sha256 = "0wjr5pd25c31f2w48amqvfmd720ih8hfr1rzd8mljvqb1fbakry3";
|
||||
};
|
||||
|
||||
installPhase = ''
|
||||
|
|
|
@ -62,7 +62,7 @@ python3.pkgs.buildPythonApplication rec {
|
|||
homepage = "http://gajim.org/";
|
||||
description = "Jabber client written in PyGTK";
|
||||
license = lib.licenses.gpl3Plus;
|
||||
maintainers = with lib.maintainers; [ raskin aszlig abbradar ];
|
||||
maintainers = with lib.maintainers; [ raskin abbradar ];
|
||||
downloadPage = "http://gajim.org/downloads.php";
|
||||
updateWalker = true;
|
||||
platforms = lib.platforms.linux;
|
||||
|
|
|
@ -35,8 +35,10 @@ in stdenv.mkDerivation rec {
|
|||
--replace Exec=/opt/Rambox/rambox Exec=rambox
|
||||
'';
|
||||
|
||||
postFixup = ''
|
||||
wrapProgram $out/opt/Rambox/rambox --prefix PATH : ${xdg_utils}/bin
|
||||
preFixup = ''
|
||||
gappsWrapperArgs+=(
|
||||
--prefix PATH : ${xdg_utils}/bin
|
||||
)
|
||||
'';
|
||||
|
||||
meta = with stdenv.lib; {
|
||||
|
|
|
@ -5,12 +5,12 @@
|
|||
|
||||
mkDerivation rec {
|
||||
pname = "ripcord";
|
||||
version = "0.4.25";
|
||||
version = "0.4.26";
|
||||
|
||||
src = let
|
||||
appimage = fetchurl {
|
||||
url = "https://cancel.fm/dl/Ripcord-${version}-x86_64.AppImage";
|
||||
sha256 = "17s4fxqirmzdw0sn9s9zyk90gr00ivsmz4s6i6knsq354zhy5fda";
|
||||
sha256 = "0i9l21gyqga27ainzqp6icn8vbc22v1knq01pglgg1lg3p504ikq";
|
||||
name = "${pname}-${version}.AppImage";
|
||||
};
|
||||
in appimageTools.extract {
|
||||
|
@ -51,7 +51,8 @@ mkDerivation rec {
|
|||
--run "cd $out" \
|
||||
--set FONTCONFIG_FILE "${fontsConf}" \
|
||||
--prefix LD_LIBRARY_PATH ":" "${xorg.libXcursor}/lib" \
|
||||
--prefix QT_XKB_CONFIG_ROOT ":" "${xorg.xkeyboardconfig}/share/X11/xkb"
|
||||
--prefix QT_XKB_CONFIG_ROOT ":" "${xorg.xkeyboardconfig}/share/X11/xkb" \
|
||||
--set RIPCORD_ALLOW_UPDATES 0
|
||||
|
||||
runHook postInstall
|
||||
'';
|
||||
|
|
|
@ -19,12 +19,12 @@ with lib;
|
|||
|
||||
mkDerivation rec {
|
||||
pname = "telegram-desktop";
|
||||
version = "2.1.13";
|
||||
version = "2.2.0";
|
||||
|
||||
# Telegram-Desktop with submodules
|
||||
src = fetchurl {
|
||||
url = "https://github.com/telegramdesktop/tdesktop/releases/download/v${version}/tdesktop-${version}-full.tar.gz";
|
||||
sha256 = "0mq3f7faxn1hfkhv5n37y5iajjnm38s2in631046m0q7c4w3lrfi";
|
||||
sha256 = "1chikb02df4qqnickcmx96lcx481b14kmksjsp7h94g0d223ypq0";
|
||||
};
|
||||
|
||||
postPatch = ''
|
||||
|
|
|
@ -12,7 +12,7 @@
|
|||
with stdenv.lib;
|
||||
|
||||
stdenv.mkDerivation rec {
|
||||
version = "0.29.3";
|
||||
version = "0.30";
|
||||
pname = "notmuch";
|
||||
|
||||
passthru = {
|
||||
|
@ -22,7 +22,7 @@ stdenv.mkDerivation rec {
|
|||
|
||||
src = fetchurl {
|
||||
url = "https://notmuchmail.org/releases/${pname}-${version}.tar.xz";
|
||||
sha256 = "0dfwa38vgnxk9cvvpza66szjgp8lir6iz6yy0cry9593lywh9xym";
|
||||
sha256 = "1ylnj12f7xr18v3ckb1nwc2aw2rj3ghqnj5f4rzccr8xw5pslfsy";
|
||||
};
|
||||
|
||||
nativeBuildInputs = [
|
||||
|
|
|
@ -1,20 +0,0 @@
|
|||
diff --git a/meson.build b/meson.build
|
||||
index cc6fa03..7c2b280 100644
|
||||
--- a/meson.build
|
||||
+++ b/meson.build
|
||||
@@ -24,6 +24,7 @@ add_project_arguments(c_args, language: 'c')
|
||||
cc = meson.get_compiler('c')
|
||||
|
||||
libm = cc.find_library('m', required: false)
|
||||
+librt = cc.find_library('rt', required: false)
|
||||
|
||||
pixman = dependency('pixman-1')
|
||||
libuv = dependency('libuv')
|
||||
@@ -65,6 +66,7 @@ sources = [
|
||||
|
||||
dependencies = [
|
||||
libm,
|
||||
+ librt,
|
||||
pixman,
|
||||
libuv,
|
||||
egl,
|
|
@ -1,27 +1,20 @@
|
|||
{ stdenv, fetchFromGitHub, meson, pkg-config, ninja
|
||||
, pixman, libuv, libGL, libxkbcommon, wayland, neatvnc, libdrm, libX11
|
||||
, pixman, libxkbcommon, wayland, neatvnc, libdrm, libX11, aml
|
||||
}:
|
||||
|
||||
stdenv.mkDerivation rec {
|
||||
pname = "wayvnc";
|
||||
version = "0.1.2";
|
||||
version = "0.2.0";
|
||||
|
||||
src = fetchFromGitHub {
|
||||
owner = "any1";
|
||||
repo = pname;
|
||||
rev = "v${version}";
|
||||
sha256 = "0aa12fkbwhzs0g2pqw1b27l33nn5dpbcvsf1z8h88kwsf9xdvb2r";
|
||||
sha256 = "1ddcf8hrxhx4rcwvbjwa5j3ygiwca2dpw26wl37pb0q0jr81wylv";
|
||||
};
|
||||
|
||||
patches = [ ./add-missing-librt.patch ];
|
||||
|
||||
postPatch = ''
|
||||
substituteInPlace meson.build \
|
||||
--replace "version: '0.1.0'" "version: '${version}'"
|
||||
'';
|
||||
|
||||
nativeBuildInputs = [ meson pkg-config ninja ];
|
||||
buildInputs = [ pixman libuv libGL libxkbcommon wayland neatvnc libdrm libX11 ];
|
||||
nativeBuildInputs = [ meson pkg-config ninja wayland ];
|
||||
buildInputs = [ pixman libxkbcommon wayland neatvnc libdrm libX11 aml ];
|
||||
|
||||
meta = with stdenv.lib; {
|
||||
description = "A VNC server for wlroots based Wayland compositors";
|
||||
|
|
|
@ -17,8 +17,11 @@ let
|
|||
inherit makeDesktopItem pname suiteName;
|
||||
};
|
||||
shortEdition = builtins.substring 2 2 edition;
|
||||
in stdenv.mkDerivation rec {
|
||||
inherit pname version edition shortEdition src;
|
||||
in stdenv.mkDerivation {
|
||||
inherit pname src;
|
||||
|
||||
version = "${edition}.${version}";
|
||||
|
||||
nativeBuildInputs = [
|
||||
autoPatchelfHook
|
||||
makeWrapper
|
||||
|
|
|
@ -1,12 +1,12 @@
|
|||
{ stdenv, fetchurl }:
|
||||
|
||||
stdenv.mkDerivation rec {
|
||||
version = "3.3";
|
||||
version = "3.3.1";
|
||||
pname = "hmmer";
|
||||
|
||||
src = fetchurl {
|
||||
url = "http://eddylab.org/software/hmmer/${pname}-${version}.tar.gz";
|
||||
sha256 = "0v3kcgkr6jihq0xmpgn2xd5q7wiwvj6yswa905k2c0v7mx0bz1h1";
|
||||
sha256 = "1mcvr74w6ffd5z0p8v3jss473mbgard9lz5whjnk95c661lnmrlc";
|
||||
};
|
||||
|
||||
meta = with stdenv.lib; {
|
||||
|
@ -20,6 +20,6 @@ stdenv.mkDerivation rec {
|
|||
homepage = "http://hmmer.org/";
|
||||
license = licenses.gpl3;
|
||||
maintainers = [ maintainers.iimog ];
|
||||
platforms = [ "x86_64-linux" "i686-linux" ];
|
||||
platforms = platforms.unix;
|
||||
};
|
||||
}
|
||||
|
|
|
@ -29,6 +29,6 @@ stdenv.mkDerivation rec {
|
|||
homepage = "https://microbiology.se/software/itsx/";
|
||||
license = licenses.gpl3;
|
||||
maintainers = [ maintainers.bzizou ];
|
||||
platforms = [ "x86_64-linux" "i686-linux" ];
|
||||
platforms = platforms.unix;
|
||||
};
|
||||
}
|
||||
|
|
|
@ -1,4 +1,5 @@
|
|||
{ lib, stdenv, gnome3, pkgs, wxGTK30, wxGTK31
|
||||
{ lib, stdenv, gnome3, wxGTK30, wxGTK31
|
||||
, makeWrapper
|
||||
, gsettings-desktop-schemas, hicolor-icon-theme
|
||||
, callPackage, callPackages
|
||||
, librsvg, cups
|
||||
|
@ -8,7 +9,7 @@
|
|||
, oceSupport ? false, opencascade
|
||||
, withOCCT ? true, opencascade-occt
|
||||
, ngspiceSupport ? true, libngspice
|
||||
, scriptingSupport ? true, swig, python3
|
||||
, scriptingSupport ? false, swig, python3
|
||||
, debug ? false, valgrind
|
||||
, with3d ? true
|
||||
, withI18n ? true
|
||||
|
@ -31,9 +32,8 @@ let
|
|||
# but brings high DPI support?
|
||||
else wxGTK31.override { withGtk2 = false; };
|
||||
|
||||
pythonPackages = python.pkgs;
|
||||
python = python3;
|
||||
wxPython = pythonPackages.wxPython_4_0;
|
||||
wxPython = python.pkgs.wxPython_4_0;
|
||||
|
||||
in
|
||||
stdenv.mkDerivation rec {
|
||||
|
@ -55,10 +55,11 @@ stdenv.mkDerivation rec {
|
|||
dontFixup = true;
|
||||
|
||||
pythonPath = optionals (scriptingSupport)
|
||||
[ wxPython pythonPackages.six ];
|
||||
[ wxPython python.pkgs.six ];
|
||||
|
||||
nativeBuildInputs = optionals (scriptingSupport)
|
||||
[ pythonPackages.wrapPython ];
|
||||
nativeBuildInputs = [ makeWrapper ]
|
||||
++ optionals (scriptingSupport)
|
||||
[ python.pkgs.wrapPython ];
|
||||
|
||||
# wrapGAppsHook added the equivalent to ${base}/share
|
||||
# though i noticed no difference without it
|
||||
|
|
|
@ -27,23 +27,23 @@
|
|||
};
|
||||
"kicad-unstable" = {
|
||||
kicadVersion = {
|
||||
version = "2020-05-14";
|
||||
version = "2020-07-21";
|
||||
src = {
|
||||
rev = "3b8465359135e9f6dea4b0a5fcb62377753fe890";
|
||||
sha256 = "18xsg2s0pxx176rnblygq1f8xpmryw59lcjzm897gifz0sj0nhvx";
|
||||
rev = "9a801d8b72f24e297a7d9d6e8cee2eef6cab2988";
|
||||
sha256 = "0yilmmng7y3rz1bxw2b0s0aqs8hdqr7ach2r45bx8v1f4bih4ka9";
|
||||
};
|
||||
};
|
||||
libVersion = {
|
||||
version = "2020-05-14";
|
||||
version = "2020-07-21";
|
||||
libSources = {
|
||||
i18n.rev = "c4460d0d8e1075691d43dc928ffc332fa1282592";
|
||||
i18n.sha256 = "1gkrbfyfzsr5q7sahhlyhgfpfwm6b83lzf0q1v854gwxdfabvi0y";
|
||||
symbols.rev = "614b5f6256fbae82c2bba399086506bbe435bd94";
|
||||
symbols.sha256 = "10ix3wdcl832r4ha5q8phpx8j97gzngb41nczdli1qkhjmiw9y8r";
|
||||
templates.rev = "7db8d4d0ea0711f1961d117853547fb3edbc3857";
|
||||
templates.sha256 = "1hppcsrkn4dk6ggby6ckh0q65qxkywrbyxa4lwpaf7pxjyv498xg";
|
||||
footprints.rev = "240804c6c89b66af808379e1fc94ea6011433cbe";
|
||||
footprints.sha256 = "1jh71004lrn7bl384zfmbqqdbs28gjb6diwn6hyb587jpivdnl3g";
|
||||
i18n.rev = "a311975d139caf8be9848dd613a9800570adc245";
|
||||
i18n.sha256 = "1bkn2hhwcg8xdpn9yfm9nnqsg02c1nizhpxd4yhpxgifhh4psz1g";
|
||||
symbols.rev = "18572c4c118fe8ef779edf3131eebf2c33c6fa46";
|
||||
symbols.sha256 = "0hqx0aznzrnlbdkpsnl8mbs9bdgiv029d6zjh10nyjzcw27q3hxz";
|
||||
templates.rev = "ae16953b81055855bcede4a33305413599d86a15";
|
||||
templates.sha256 = "1pkv90p3liy3bj4nklxsvpzh9m56p0k5ldr22armvgqfaqaadx9v";
|
||||
footprints.rev = "4835f80b4a52256aa7a3eb650e6e0fef33a77d0d";
|
||||
footprints.sha256 = "00rc6phxmkry35i0xzry14axvh2akvvkly45s3xxi06vaydaw7i5";
|
||||
packages3d.rev = "9b560cf94a35b692ca516d37bdaf392ce10e549d";
|
||||
packages3d.sha256 = "0b9jglf77fy0n0r8xs4yqkv6zvipyfvp0z5dnqlzp32csy5aqpi1";
|
||||
};
|
||||
|
|
|
@ -31,6 +31,6 @@ stdenv.mkDerivation {
|
|||
description = "VLSI layout tool written in Tcl";
|
||||
homepage = "http://opencircuitdesign.com/magic/";
|
||||
license = licenses.mit;
|
||||
maintainers = [ maintainers.dkudriavtsev ];
|
||||
maintainers = [ maintainers.anna328p ];
|
||||
};
|
||||
}
|
||||
|
|
|
@ -1,13 +1,14 @@
|
|||
{ stdenv, fetchFromGitHub }:
|
||||
|
||||
stdenv.mkDerivation {
|
||||
name = "drat-trim-2017-08-31";
|
||||
pname = "drat-trim-unstable";
|
||||
version = "2020-06-05";
|
||||
|
||||
src = fetchFromGitHub {
|
||||
owner = "marijnheule";
|
||||
repo = "drat-trim";
|
||||
rev = "37ac8f874826ffa3500a00698910e137498defac";
|
||||
sha256 = "1m9q47dfnvdli1z3kb1jvvbm0dgaw725k1aw6h9w00bggqb91bqh";
|
||||
rev = "9afad0f7156a1e9c6ce19dce5d72cf1cb9a3ef27";
|
||||
sha256 = "1zq585igfaknwqbvv2cji744016zxadbvr0ifr5l6yq13m0vvn3b";
|
||||
};
|
||||
|
||||
postPatch = ''
|
||||
|
@ -15,7 +16,7 @@ stdenv.mkDerivation {
|
|||
'';
|
||||
|
||||
installPhase = ''
|
||||
install -Dt $out/bin drat-trim
|
||||
install -Dt $out/bin drat-trim lrat-check
|
||||
'';
|
||||
|
||||
meta = with stdenv.lib; {
|
||||
|
@ -31,6 +32,10 @@ stdenv.mkDerivation {
|
|||
annual SAT Competition in recent years, in order to check
|
||||
competing SAT solvers' work when they claim that a SAT instance
|
||||
is unsatisfiable.
|
||||
|
||||
This package also contains the related tool LRAT-check, which checks a
|
||||
proof format called LRAT which extends DRAT with hint statements to speed
|
||||
up the checking process.
|
||||
'';
|
||||
homepage = "https://www.cs.utexas.edu/~marijn/drat-trim/";
|
||||
license = licenses.mit;
|
||||
|
|
|
@ -35,5 +35,6 @@ stdenv.mkDerivation {
|
|||
maintainers = [ stdenv.lib.maintainers.schmitthenner ];
|
||||
homepage = "http://nevidal.org/sad.en.html";
|
||||
platforms = stdenv.lib.platforms.linux;
|
||||
broken = true; # ghc-8.4.4 is gone from Nixpkgs
|
||||
};
|
||||
}
|
||||
|
|
|
@ -0,0 +1,52 @@
|
|||
{ lib
|
||||
, stdenv
|
||||
, rustPlatform
|
||||
, fetchFromGitHub
|
||||
, installShellFiles
|
||||
, pkg-config
|
||||
, libiconv
|
||||
, openssl
|
||||
, Security
|
||||
}:
|
||||
|
||||
rustPlatform.buildRustPackage rec {
|
||||
pname = "finalfrontier";
|
||||
version = "0.9.4";
|
||||
|
||||
src = fetchFromGitHub {
|
||||
owner = "finalfusion";
|
||||
repo = pname;
|
||||
rev = version;
|
||||
sha256 = "1lvwv238p8hrl4sc5pmnvaargl2dd25p44gxl3kibq5ng03afd0n";
|
||||
};
|
||||
|
||||
cargoSha256 = "1ibn22v24brdlrar6j7fryiwimbbw7byak265hrw7a5agf1799x0";
|
||||
|
||||
nativeBuildInputs = [
|
||||
installShellFiles
|
||||
pkg-config
|
||||
];
|
||||
|
||||
buildInputs = [ openssl ] ++ lib.optionals stdenv.isDarwin [
|
||||
libiconv
|
||||
Security
|
||||
];
|
||||
|
||||
postInstall = ''
|
||||
installManPage man/*.1
|
||||
|
||||
# Install shell completions
|
||||
for shell in bash fish zsh; do
|
||||
$out/bin/finalfrontier completions $shell > finalfrontier.$shell
|
||||
done
|
||||
installShellCompletion finalfrontier.{bash,fish,zsh}
|
||||
'';
|
||||
|
||||
meta = with stdenv.lib; {
|
||||
description = "Utility for training word and subword embeddings";
|
||||
homepage = "https://github.com/finalfusion/finalfrontier/";
|
||||
license = licenses.asl20;
|
||||
maintainers = with maintainers; [ danieldk ];
|
||||
platforms = platforms.all;
|
||||
};
|
||||
}
|
|
@ -2,7 +2,7 @@
|
|||
|
||||
stdenv.mkDerivation rec {
|
||||
pname = "geogebra";
|
||||
version = "5-0-574-0";
|
||||
version = "5-0-593-0";
|
||||
|
||||
preferLocalBuild = true;
|
||||
|
||||
|
@ -11,7 +11,7 @@ stdenv.mkDerivation rec {
|
|||
"https://download.geogebra.org/installers/5.0/GeoGebra-Linux-Portable-${version}.tar.bz2"
|
||||
"http://web.archive.org/https://download.geogebra.org/installers/5.0/GeoGebra-Linux-Portable-${version}.tar.bz2"
|
||||
];
|
||||
sha256 = "0jbci4spqkf33yb079lsnsc684y4mdf1p8lm9r0037av8jlsrgrc";
|
||||
sha256 = "d84c27a3299e6df08881733d22215a18decedcba4c2d97a9e5424c39cd57db35";
|
||||
};
|
||||
|
||||
srcIcon = fetchurl {
|
||||
|
|
|
@ -2,16 +2,16 @@
|
|||
|
||||
buildGoModule rec {
|
||||
pname = "gh";
|
||||
version = "0.11.0";
|
||||
version = "0.11.1";
|
||||
|
||||
src = fetchFromGitHub {
|
||||
owner = "cli";
|
||||
repo = "cli";
|
||||
rev = "v${version}";
|
||||
sha256 = "13nq7rvxwl9cld9gng7rm534yqrr2ii0bqyzqwlkpzh9m61m3ra2";
|
||||
sha256 = "0l1d75smvly2k6s3j55n674ld6i5hd8yn6lfhg8vvkvhxx2jjvb9";
|
||||
};
|
||||
|
||||
vendorSha256 = "1xvrxdxhyj5nz5plypc5mniw5dl17w1wxcrs77w24hisn90jphgd";
|
||||
vendorSha256 = "1xq1n583p0a3j78afprm2hk5f1hchdrx4vvphml95rv9786vjbcc";
|
||||
|
||||
nativeBuildInputs = [ installShellFiles ];
|
||||
|
||||
|
|
Some files were not shown because too many files have changed in this diff Show more
Loading…
Reference in a new issue